View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2016-4354 severity important: SUSE including 3 source package names (libksba, libksba-devel, libksba8), 20 product×package rows across 13 product lines (SUSE Linux Enterprise Desktop 11 SP4, SUSE Linux Enterprise Desktop 12, … (13 product lines)): Known Not Affected 20.
ber-decoder.c in Libksba before 1.3.3 uses an incorrect integer data type, which allows remote attackers to cause a denial of service (crash) via crafted BER data, which leads to a buffer overflow.