Summary
A read buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate verification despite failure to construct a path to a trusted issuer.
Products Potentially Affected
| OS/Product |
Exposure |
| Network OS |
No |
Please see the full security advisory article here for more details.
