The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of libksba: denial of service via Certificate Parsing

Synthesis of the vulnerability 

An attacker can generate a fatal error via Certificate Parsing of libksba, in order to trigger a denial of service.
Vulnerable systems: Fedora.
Severity of this threat: 2/4.
Creation date: 02/09/2016.
Références of this weakness: FEDORA-2016-4751a94476, FEDORA-2016-db62a2d5a6, VIGILANCE-VUL-20510.

Description of the vulnerability 

An attacker can generate a fatal error via Certificate Parsing of libksba, in order to trigger a denial of service.
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

This weakness note impacts software or systems such as Fedora.

Our Vigil@nce team determined that the severity of this threat note is medium.

The trust level is of type confirmed by the editor, with an origin of document.

An attacker with a expert ability can exploit this computer weakness.

Solutions for this threat 

Fedora: new libksba packages.
New packages are available:
  Fedora 23: libksba 1.3.5-1.fc23
  Fedora 24: libksba 1.3.5-1.fc24
Full bulletin, software filtering, emails, fixes, ... (Request your free trial)

Computer vulnerabilities tracking service 

Vigil@nce provides software vulnerabilities bulletins. Each administrator can customize the list of products for which he wants to receive vulnerability alerts.