A vulnerability was discovered in PolarSSL, an encryption library popular on mobile devices, that allows remote execution of arbitrary code through a specially crafted certificate. The vulnerability stems from an error in processing the certificate's ASN.1 fields: in the asn1_get_sequence_of() function, the pointer to the asn1_sequence linked list is not initialized, which can lead to polarssl_free() being called with an uninitialized pointer and, ultimately, to the execution of malicious code. The vulnerability is triggered while the certificate is being parsed, which means that malicious code can be executed on both the client side and the server side.
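The bug class described above, reduced to a small C model as an added example (this is not PolarSSL's code; the `node` type, `stale_malloc`, `parse_list`, `free_list`, `tail_ok_after_error` and the 0xFF "malformed element" marker are assumptions made for illustration). A list node is allocated without clearing its link, parsing fails before the link is set, and a cleanup routine that walks the list would then follow and free a stale pointer; zeroing each new node closes the gap.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef struct node { int val; struct node *next; } node;  /* hypothetical list type */
/* Models malloc() returning recycled heap memory: contents are stale, not zero. */
static void *stale_malloc(size_t n) {
    void *p = malloc(n);
    return p ? memset(p, 0xAA, n) : NULL;
}

/* One node per byte; 0xFF is a constructed "malformed element"; zero=1 hardens; *last = newest node. */
static int parse_list(const unsigned char *in, size_t len, node *head, int zero, node **last) {
    node *cur = (*last = head);
    for (size_t i = 0; i < len; i++) {
        if (in[i] == 0xFF) return -1;        /* error exit: cur->next was never set */
        cur->val = in[i];
        if (i + 1 < len) {
            cur->next = stale_malloc(sizeof(node));
            if (cur->next == NULL) return -2;
            if (zero) memset(cur->next, 0, sizeof(node));   /* the hardening step */
            cur = *last = cur->next;
        }
    }
    cur->next = NULL;
    return 0;
}

/* Error-path cleanup: follows next until NULL, so every link must be initialized. */
static void free_list(node *head) {
    for (node *c = head->next, *nx; c != NULL; c = nx) { nx = c->next; free(c); }
    head->next = NULL;
}

/* 1 if the list is NULL-terminated after a failed parse, 0 if the tail link is stale. */
static int tail_ok_after_error(int zero) {
    static const unsigned char input[] = { 1, 2, 0xFF };    /* constructed sample */
    node head = { 0, NULL }, *last = NULL;
    int rc = parse_list(input, sizeof input, &head, zero, &last);
    int ok = (rc == -1) && (last->next == NULL);
    last->next = NULL;    /* repair the tail so this demo can clean up without crashing */
    free_list(&head);
    return ok;
}

int main(void) {
    printf("flawed=%d hardened=%d\n", tail_ok_after_error(0), tail_ok_after_error(1));
    return 0;
}
```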
All current versions of PolarSSL are vulnerable. There is still no official patch to fix the vulnerability, but there is an unofficial one.
The PolarSSL library is most often used in mobile and embedded devices. For example, OpenVPN uses it in its iOS and Android clients, as well as on routers running OpenWRT.