CVE-2024-12133 - Vulnerability Details

A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Exploitation none

Automatable yes

Technical Impact partial

Vendors	Products
Redhat	Enterprise Linux Openshift Rhel Eus

No data.

Package	CPE	Advisory	Released Date
Red Hat Enterprise Linux 8
libtasn1-0:4.13-5.el8_10	cpe:/a:redhat:enterprise_linux:8	RHSA-2025:4049	2025-04-23T00:00:00Z
libtasn1-0:4.13-5.el8_10	cpe:/o:redhat:enterprise_linux:8	RHSA-2025:4049	2025-04-23T00:00:00Z
Red Hat Enterprise Linux 9
libtasn1-0:4.16.0-9.el9	cpe:/a:redhat:enterprise_linux:9	RHSA-2025:7077	2025-05-13T00:00:00Z
libtasn1-0:4.16.0-9.el9	cpe:/o:redhat:enterprise_linux:9	RHSA-2025:7077	2025-05-13T00:00:00Z
Red Hat Enterprise Linux 9.4 Extended Update Support
libtasn1-0:4.16.0-8.el9_4.1	cpe:/a:redhat:rhel_eus:9.4	RHSA-2025:8021	2025-05-20T00:00:00Z

References

Link	Providers
http://www.openwall.com/lists/oss-security/2025/02/06/6
https://access.redhat.com/errata/RHSA-2025:4049
https://access.redhat.com/errata/RHSA-2025:7077
https://access.redhat.com/errata/RHSA-2025:8021
https://access.redhat.com/security/cve/CVE-2024-12133
https://bugzilla.redhat.com/show_bug.cgi?id=2344611
https://gitlab.com/gnutls/libtasn1/-/issues/52
https://lists.debian.org/debian-lts-announce/2025/02/msg00025.html
https://nvd.nist.gov/vuln/detail/CVE-2024-12133
https://www.cve.org/CVERecord?id=CVE-2024-12133

History

Wed, 21 May 2025 03:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:rhel_eus:9.4

Tue, 20 May 2025 23:15:00 +0000

Type	Values Removed	Values Added
First Time appeared		Redhat rhel Eus
CPEs		cpe:/a:redhat:rhel_eus:9.4::appstream cpe:/o:redhat:rhel_eus:9.4::baseos
Vendors & Products		Redhat rhel Eus
References		https://access.redhat.com/errata/RHSA-2025:8021

Wed, 14 May 2025 03:00:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:9 cpe:/o:redhat:enterprise_linux:9

Tue, 13 May 2025 08:45:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/o:redhat:enterprise_linux:9~~	cpe:/a:redhat:enterprise_linux:9::appstream cpe:/o:redhat:enterprise_linux:9::baseos
References		https://access.redhat.com/errata/RHSA-2025:7077

Thu, 24 Apr 2025 03:15:00 +0000

Type	Values Removed	Values Added
CPEs		cpe:/a:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:8

Wed, 23 Apr 2025 12:00:00 +0000

Type	Values Removed	Values Added
CPEs	~~cpe:/o:redhat:enterprise_linux:8~~	cpe:/a:redhat:enterprise_linux:8::appstream cpe:/o:redhat:enterprise_linux:8::baseos
References		https://access.redhat.com/errata/RHSA-2025:4049

Fri, 21 Feb 2025 13:30:00 +0000

Type	Values Removed	Values Added
References		https://lists.debian.org/debian-lts-announce/2025/02/msg00025.html

Mon, 10 Feb 2025 17:15:00 +0000

Type	Values Removed	Values Added
Metrics		ssvc `{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}`

Mon, 10 Feb 2025 16:45:00 +0000

Type	Values Removed	Values Added
References		http://www.openwall.com/lists/oss-security/2025/02/06/6

Mon, 10 Feb 2025 15:30:00 +0000

Type	Values Removed	Values Added
Description	No description is available for this CVE.	A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.
Title	libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS	Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos
First Time appeared		Redhat Redhat enterprise Linux Redhat openshift
CPEs		cpe:/a:redhat:openshift:4 cpe:/o:redhat:enterprise_linux:6 cpe:/o:redhat:enterprise_linux:7 cpe:/o:redhat:enterprise_linux:8 cpe:/o:redhat:enterprise_linux:9
Vendors & Products		Redhat Redhat enterprise Linux Redhat openshift
References		https://access.redhat.com/security/cve/CVE-2024-12133 https://bugzilla.redhat.com/show_bug.cgi?id=2344611

Mon, 10 Feb 2025 13:30:00 +0000

Type	Values Removed	Values Added
Description		No description is available for this CVE.
Title		libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS
Weaknesses		CWE-407
References		https://gitlab.com/gnutls/libtasn1/-/issues/52 https://nvd.nist.gov/vuln/detail/CVE-2024-12133 https://www.cve.org/CVERecord?id=CVE-2024-12133
Metrics	threat_severity `None`	cvssV3_1 `{'score': 5.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L'}` threat_severity `Moderate`

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2025-02-10T15:28:03.193Z

Updated: 2025-05-21T00:16:55.440Z

Reserved: 2024-12-04T03:13:48.478Z

Link: CVE-2024-12133

Vulnrichment

Updated: 2025-02-21T13:06:53.278Z

NVD

Status : Awaiting Analysis

Published: 2025-02-10T16:15:37.260

Modified: 2025-05-20T23:15:18.927

Link: CVE-2024-12133

Redhat

Severity : Moderate

Publid Date: 2025-02-10T00:00:00Z

Links: CVE-2024-12133 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2024-12133", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2024-12-04T03:13:48.478Z", "datePublished": "2025-02-10T15:28:03.193Z", "dateUpdated": "2025-05-21T00:16:55.440Z"}, "containers": {"cna": {"title": "Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos", "metrics": [{"other": {"content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack."}], "affected": [{"versions": [{"status": "affected", "version": "0", "lessThan": "4.20.0", "versionType": "semver"}], "packageName": "libtasn1", "collectionURL": "https://gitlab.com/gnutls/libtasn1/", "defaultStatus": "unaffected"}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtasn1", "defaultStatus": "affected", "versions": [{"version": "0:4.13-5.el8_10", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/o:redhat:enterprise_linux:8::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtasn1", "defaultStatus": "affected", "versions": [{"version": "0:4.13-5.el8_10", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/o:redhat:enterprise_linux:8::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtasn1", "defaultStatus": "affected", "versions": [{"version": "0:4.16.0-9.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtasn1", "defaultStatus": "affected", "versions": [{"version": "0:4.16.0-9.el9", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/a:redhat:enterprise_linux:9::appstream", "cpe:/o:redhat:enterprise_linux:9::baseos"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtasn1", "defaultStatus": "affected", "versions": [{"version": "0:4.16.0-8.el9_4.1", "lessThan": "*", "versionType": "rpm", "status": "unaffected"}], "cpes": ["cpe:/o:redhat:rhel_eus:9.4::baseos", "cpe:/a:redhat:rhel_eus:9.4::appstream"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtasn1", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:6"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "libtasn1", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "rhcos", "defaultStatus": "affected", "cpes": ["cpe:/a:redhat:openshift:4"]}], "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:4049", "name": "RHSA-2025:4049", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:7077", "name": "RHSA-2025:7077", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:8021", "name": "RHSA-2025:8021", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2024-12133", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344611", "name": "RHBZ#2344611", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.com/gnutls/libtasn1/-/issues/52"}], "datePublic": "2025-02-10T00:00:00.000Z", "problemTypes": [{"descriptions": [{"cweId": "CWE-407", "description": "Inefficient Algorithmic Complexity", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-407: Inefficient Algorithmic Complexity", "timeline": [{"lang": "en", "time": "2025-02-10T08:14:05.460000+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-02-10T00:00:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "Red Hat would like to thank Bing Shi for reporting this issue."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-05-21T00:16:55.440Z"}}, "adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2025/02/06/6"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00025.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-02-21T13:06:53.278Z"}}, {"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-02-10T16:25:41.090444Z", "id": "CVE-2024-12133", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-10T16:26:20.251Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "http://www.openwall.com/lists/oss-security/2025/02/06/6"}, {"url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00025.html"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-02-21T13:06:53.278Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2024-12133", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-02-10T16:25:41.090444Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-02-10T16:25:48.564Z"}}], "cna": {"title": "Libtasn1: inefficient der decoding in libtasn1 leading to potential remote dos", "credits": [{"lang": "en", "value": "Red Hat would like to thank Bing Shi for reporting this issue."}], "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Moderate", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"versions": [{"status": "affected", "version": "0", "lessThan": "4.20.0", "versionType": "semver"}], "packageName": "libtasn1", "collectionURL": "https://gitlab.com/gnutls/libtasn1/", "defaultStatus": "unaffected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/o:redhat:enterprise_linux:8::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "versions": [{"status": "unaffected", "version": "0:4.13-5.el8_10", "lessThan": "*", "versionType": "rpm"}], "packageName": "libtasn1", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:enterprise_linux:8::appstream", "cpe:/o:redhat:enterprise_linux:8::baseos"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 8", "versions": [{"status": "unaffected", "version": "0:4.13-5.el8_10", "lessThan": "*", "versionType": "rpm"}], "packageName": "libtasn1", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "0:4.16.0-9.el9", "lessThan": "*", "versionType": "rpm"}], "packageName": "libtasn1", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9::baseos", "cpe:/a:redhat:enterprise_linux:9::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9", "versions": [{"status": "unaffected", "version": "0:4.16.0-9.el9", "lessThan": "*", "versionType": "rpm"}], "packageName": "libtasn1", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:rhel_eus:9.4::baseos", "cpe:/a:redhat:rhel_eus:9.4::appstream"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 9.4 Extended Update Support", "versions": [{"status": "unaffected", "version": "0:4.16.0-8.el9_4.1", "lessThan": "*", "versionType": "rpm"}], "packageName": "libtasn1", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:6"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 6", "packageName": "libtasn1", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "packageName": "libtasn1", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/a:redhat:openshift:4"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 4", "packageName": "rhcos", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2025-02-10T08:14:05.460000+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2025-02-10T00:00:00+00:00", "value": "Made public."}], "datePublic": "2025-02-10T00:00:00.000Z", "references": [{"url": "https://access.redhat.com/errata/RHSA-2025:4049", "name": "RHSA-2025:4049", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:7077", "name": "RHSA-2025:7077", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/errata/RHSA-2025:8021", "name": "RHSA-2025:8021", "tags": ["vendor-advisory", "x_refsource_REDHAT"]}, {"url": "https://access.redhat.com/security/cve/CVE-2024-12133", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344611", "name": "RHBZ#2344611", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://gitlab.com/gnutls/libtasn1/-/issues/52"}], "descriptions": [{"lang": "en", "value": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-407", "description": "Inefficient Algorithmic Complexity"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2025-05-20T23:07:37.034Z"}, "x_redhatCweChain": "CWE-407: Inefficient Algorithmic Complexity"}}, "cveMetadata": {"cveId": "CVE-2024-12133", "state": "PUBLISHED", "dateUpdated": "2025-05-20T23:07:37.034Z", "dateReserved": "2024-12-04T03:13:48.478Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2025-02-10T15:28:03.193Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack."}, {"lang": "es", "value": "Una falla en libtasn1 provoca un manejo ineficiente de datos de certificados espec\u00edficos. Al procesar una gran cantidad de elementos en un certificado, libtasn1 tarda mucho m\u00e1s de lo esperado, lo que puede ralentizar o incluso bloquear el sistema. Esta falla permite que un atacante env\u00ede un certificado especialmente manipulado, lo que provoca un ataque de denegaci\u00f3n de servicio."}], "id": "CVE-2024-12133", "lastModified": "2025-05-20T23:15:18.927", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 1.4, "source": "secalert@redhat.com", "type": "Secondary"}]}, "published": "2025-02-10T16:15:37.260", "references": [{"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:4049"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:7077"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/errata/RHSA-2025:8021"}, {"source": "secalert@redhat.com", "url": "https://access.redhat.com/security/cve/CVE-2024-12133"}, {"source": "secalert@redhat.com", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344611"}, {"source": "secalert@redhat.com", "url": "https://gitlab.com/gnutls/libtasn1/-/issues/52"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2025/02/06/6"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/02/msg00025.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-407"}], "source": "secalert@redhat.com", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Bing Shi for reporting this issue.", "affected_release": [{"advisory": "RHSA-2025:4049", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "libtasn1-0:4.13-5.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-04-23T00:00:00Z"}, {"advisory": "RHSA-2025:4049", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "libtasn1-0:4.13-5.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-04-23T00:00:00Z"}, {"advisory": "RHSA-2025:7077", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "libtasn1-0:4.16.0-9.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-13T00:00:00Z"}, {"advisory": "RHSA-2025:7077", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "libtasn1-0:4.16.0-9.el9", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-05-13T00:00:00Z"}, {"advisory": "RHSA-2025:8021", "cpe": "cpe:/a:redhat:rhel_eus:9.4", "package": "libtasn1-0:4.16.0-8.el9_4.1", "product_name": "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date": "2025-05-20T00:00:00Z"}], "bugzilla": {"description": "libtasn1: Inefficient DER Decoding in libtasn1 Leading to Potential Remote DoS", "id": "2344611", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2344611"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "status": "verified"}, "cwe": "CWE-407", "details": ["A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.", "A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack."], "name": "CVE-2024-12133", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "libtasn1", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "libtasn1", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Fix deferred", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2025-02-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2024-12133\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-12133\nhttps://gitlab.com/gnutls/libtasn1/-/issues/52"], "threat_severity": "Moderate"}

Metrics

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact Low

User Interaction None

Exploitation none

Automatable yes

Technical Impact partial

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object