Denial of Service via stack-based buffer overflow in asn1_expend_octet_string
Summary
Denial of Service via stack-based buffer overflow in asn1_expend_octet_string. Red Hat rates this low (CVSS 5.9). Weakness: CWE-120. Affected package(s): insights-proxy/insights-proxy-container-rhel9:1782890503, libtasn1, libtasn1-main, discovery/discovery-ui-rhel9:1782756541, discovery/discovery-server-rhel9:1782763840. Resolved in Red Hat advisory RHSA-2026:28235 — update the affected packages (`sudo dnf update`).
- insights-proxy/insights-proxy-container-rhel9:1782890503
- libtasn1-0:4.16.0-10.el9_8
- libtasn1-main-4.21.0-1.1.hum1
- discovery/discovery-ui-rhel9:1782756541
- discovery/discovery-server-rhel9:1782763840
- libtasn1-0:4.20.0-5.el10_2
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
- RHSA-2026:28235
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Mitigation checklist
- Update the affected package(s) to the fixed version shipped in RHSA-2026:28235 (`sudo dnf update` / `yum update`).
Official advisory · high-confidence parse· fetched 1 day ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.