FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

Botan BER Decoder vulnerabilities

Affected packages
botan110 < 1.10.10

Details

VuXML ID 2004616d-f66c-11e5-b94c-001999f8d30b
Discovery 2015-08-03
Entry 2016-03-31

The Botan developers report:

Excess memory allocation in BER decoder - The BER decoder would allocate a fairly arbitrary amount of memory in a length field, even if there was no chance the read request would succeed. This might cause the process to run out of memory or invoke the OOM killer.

Crash in BER decoder - The BER decoder would crash due to reading from offset 0 of an empty vector if it encountered a BIT STRING which did not contain any data at all. This can be used to easily crash applications reading untrusted ASN.1 data, but does not seem exploitable for code execution.
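The two defects described above share a pattern: a decoder trusting what the input claims (a length field, the presence of content octets) before confirming the input can back that claim. The following is an added illustration, not Botan's code and not derived from the patched release: a minimal BER TLV reader in C++ that applies the two checks a hardened decoder needs. `claimed_length` only reports what a decoder that trusted the length field would try to allocate (it allocates nothing), while `check_bit_string` bounds the allocation against the remaining input and rejects a BIT STRING with no content octets before touching offset 0. All sample byte strings are constructed for this note.

```cpp
#include <cstddef>
#include <cstdint>
#include <iostream>
#include <stdexcept>
#include <vector>

// Outcome of decoding one BER element as a BIT STRING (constructed for this example).
enum class Outcome { Ok, LengthExceedsInput, EmptyBitString, Malformed };

// Decode a definite BER length starting at `pos`; advances `pos` past the length octets.
// Throws on truncation, indefinite form, or more length octets than size_t can hold.
static size_t decode_length(const std::vector<uint8_t>& in, size_t& pos) {
    if (pos >= in.size()) throw std::runtime_error("truncated length");
    uint8_t first = in[pos++];
    if (first < 0x80) return first;                 // short form: single octet
    size_t n = first & 0x7F;                        // long form: n following octets
    if (n == 0 || n > sizeof(size_t)) throw std::runtime_error("indefinite or oversized length");
    if (in.size() - pos < n) throw std::runtime_error("truncated length octets");
    size_t len = 0;
    for (size_t i = 0; i < n; ++i) len = (len << 8) | in[pos++];
    return len;
}

// What a decoder that trusts the length field would try to reserve for the value.
// Returns the claimed size without allocating anything.
size_t claimed_length(const std::vector<uint8_t>& in) {
    size_t pos = 1;                                 // skip the single tag octet
    return decode_length(in, pos);
}

// Hardened decode of a single BIT STRING element (tag 0x03).
Outcome check_bit_string(const std::vector<uint8_t>& in) {
    try {
        size_t pos = 0;
        if (pos >= in.size() || in[pos++] != 0x03) return Outcome::Malformed;
        size_t len = decode_length(in, pos);
        // Check 1: never allocate more than the input can actually supply.
        if (len > in.size() - pos) return Outcome::LengthExceedsInput;
        std::vector<uint8_t> value(in.begin() + pos, in.begin() + pos + len);
        // Check 2: a BIT STRING always carries an "unused bits" octet first;
        // an empty value means there is no offset 0 to read.
        if (value.empty()) return Outcome::EmptyBitString;
        if (value[0] > 7) return Outcome::Malformed;  // unused-bit count must be 0..7
        return Outcome::Ok;
    } catch (const std::runtime_error&) {
        return Outcome::Malformed;
    }
}

int main() {
    // Constructed samples: a valid 1-byte BIT STRING, a BIT STRING with a 4 GiB
    // claimed length and no data, and a BIT STRING with zero content octets.
    std::vector<uint8_t> good    = {0x03, 0x02, 0x00, 0xA5};
    std::vector<uint8_t> huge    = {0x03, 0x84, 0xFF, 0xFF, 0xFF, 0xFF};
    std::vector<uint8_t> empty   = {0x03, 0x00};
    std::cout << "huge claims " << claimed_length(huge) << " bytes\n";
    std::cout << "good  -> " << static_cast<int>(check_bit_string(good)) << "\n";
    std::cout << "huge  -> " << static_cast<int>(check_bit_string(huge)) << "\n";
    std::cout << "empty -> " << static_cast<int>(check_bit_string(empty)) << "\n";
    return 0;
}
```

The ordering matters: the length check runs before the `std::vector` constructor, so a hostile length field costs nothing more than a comparison, and the emptiness check runs before any index into the value.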

References

CVE Name CVE-2015-5726
CVE Name CVE-2015-5727
URL http://botan.randombit.net/security.html