121 matches found
gnutls: gnutls: Information disclosure via heap overread in RSA key exchange
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...
gnutls: gnutls: Information disclosure via heap overread in RSA key exchange
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...
gnutls: gnutls: Information disclosure via heap overread in RSA key exchange
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...
Important: Red Hat Security Advisory: gnutls and libtasn1 security update
An update for multiple packages is now available for Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support and Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
gnutls: gnutls: Information disclosure via heap overread in RSA key exchange
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...
Gnutls: gnutls: information disclosure via heap overread in rsa key exchange
...
CVE-2026-5260
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...
CVE-2026-5260 Gnutls: gnutls: information disclosure via heap overread in rsa key exchange
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...
CVE-2026-5260
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...
CVE-2026-5260
CVE-2026-5260 is a memory corruption vulnerability in libgnutls. A remote attacker can trigger a short heap overread during an RSA key exchange when the server uses an RSA key backed by a PKCS#11 token by sending an extremely short premaster secret. This could lead to information disclosure. Publ...
CVE-2026-5260 Gnutls: gnutls: information disclosure via heap overread in rsa key exchange
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...
gnutls: gnutls: Information disclosure via heap overread in RSA key exchange
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...
gnutls: gnutls: Information disclosure via heap overread in RSA key exchange
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...
gnutls: gnutls: Information disclosure via heap overread in RSA key exchange
A flaw was found in libgnutls. A remote attacker, by sending an extremely short premaster secret during an RSA key exchange to a server using an RSA key backed by a PKCS11 token, could trigger a short heap overread. This memory corruption vulnerability could lead to information disclosure...
Linux Distros Unpatched Vulnerability : CVE-2026-48850
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - PuTTY 0.72 before 0.84 has a double free in RSA KEX. CVE-2026-48850 Note that Nessus relies on the presence of the package as reported by the vendor...
Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2026-1757)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1757 advisory. GnuTLS didn't check that DTLS fragments claimed a consistent messagelength value. Additionally, a crucial array size check was missing, enabling an attacker to cause a heap overwrite...
DEBIAN-CVE-2026-48850
PuTTY 0.72 before 0.84 has a double free in RSA KEX...
UBUNTU-CVE-2026-48850
PuTTY 0.72 before 0.84 has a double free in RSA KEX...
CVE-2026-48850
PuTTY 0.72 before 0.84 has a double free in RSA KEX...
CVE-2026-48850
PuTTY 0.72 before 0.84 contains a double free in RSA KEX (CVE-2026-48850). Affected: PuTTY 0.72–0.83. Root cause: memory management error during RSA key exchange. Impact: availability impact described as High by CVE data; other impact not indicated. Exploitation status is not provided in the docu...