{"id":"CVE-2016-2053","details":"The asn1_ber_decoder function in lib/asn1_decoder.c in the Linux kernel before 4.3 allows attackers to cause a denial of service (panic) via an ASN.1 BER file that lacks a public key, leading to mishandling by the public_key_verify_signature function in crypto/asymmetric_keys/public_key.c.","modified":"2026-03-15T22:05:32.979204Z","published":"2016-05-02T10:59:25.470Z","related":["SUSE-SU-2016:1672-1","SUSE-SU-2016:1690-1","SUSE-SU-2016:1937-1","SUSE-SU-2016:1961-1","SUSE-SU-2016:1985-1","SUSE-SU-2016:1994-1","SUSE-SU-2016:1995-1","SUSE-SU-2016:2000-1","SUSE-SU-2016:2001-1","SUSE-SU-2016:2002-1","SUSE-SU-2016:2003-1","SUSE-SU-2016:2005-1","SUSE-SU-2016:2006-1","SUSE-SU-2016:2007-1","SUSE-SU-2016:2009-1","SUSE-SU-2016:2010-1","SUSE-SU-2016:2011-1","SUSE-SU-2016:2014-1","SUSE-SU-2016:2105-1","SUSE-SU-2016:2245-1"],"references":[{"type":"ADVISORY","url":"http://www.openwall.com/lists/oss-security/2016/01/25/4"},{"type":"ADVISORY","url":"http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=0d62e9dd6da45bbf0f33a8617afc5fe774c8f45f"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00044.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00054.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00021.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-2574.html"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1036763"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00008.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00009.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00014.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00016.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00018.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00026.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-2584.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00052.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00000.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00015.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00017.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00019.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00044.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00055.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00003.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00007.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00020.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00022.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00023.html"},{"type":"REPORT","url":"https://bugzilla.redhat.com/show_bug.cgi?id=1300237"},{"type":"FIX","url":"https://github.com/torvalds/linux/commit/0d62e9dd6da45bbf0f33a8617afc5fe774c8f45f"}],"affected":[{"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"fixed":"4.3"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-2053.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}