System downtime, or privilege escalation.
**Source:**HP, HP Product Security Response Team (PSRT)
Reported by: HP
A flaw was found in the way the Linux kernelβs ASN.1 DER decoder processed certain certificate files with tags of indefinite length. A local, unprivileged user could use a specially crafted X.509 certificate DER file to crash the system or, potentially, escalate his or her privileges on the system.
HP has released the following software updates to resolve the vulnerability. Patches for the affected version of HP ThinPro can be found through the links below: