System downtime, or privilege escalation.
Source:HP, HP Product Security Response Team (PSRT)
Reported by: HP
A flaw was found in the way the Linux kernel's ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate his or her privileges on the system.
VULNERABILITY SUMMARY
Reference
|
Base Vector
|
Base Score
|
CVE-2016-0758
|
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
7.2
|
PI
|
HP Printing and Imaging
|
HF
|
HP Hardware and Firmware
|
GN
|
HP General Software
|