29 matches found
CLSA-2025-1744390816 gnutls: Fix of CVE-2024-0567
CVE-2024-0567: detect loop in certificate chain...
Advisory ROSA-SA-2025-2607
software: gnutls 3.8.4 OS: ROSA-CHROME packageevrstring: gnutls-3.8.4-1 CVE-ID: CVE-2024-0553 BDU-ID: 2024-00707 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the GnuTLS transport layer cryptographic library is related to a difference in response time when processing an RSA ciphertext in a...
Security Bulletin: IBM Storage Ceph is vulnerable to Improper Verification of Cryptographic Signature in the RHEL UBI (CVE-2024-0567)
Summary RHEL UBI is used by IBM Storage Ceph as the base operating system. This bulletin identifies the steps to take to address the vulnerability in the RHEL UBI. CVE-2024-0567. Vulnerability Details CVEID:CVE-2024-0567 DESCRIPTION: GnuTLS is vulnerable to a denial of service, caused by a flaw...
Photon OS 4.0: Gnutls PHSA-2024-4.0-0556
An update of the gnutls package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0556. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CBL Mariner 2.0 Security Update: gnutls (CVE-2024-0567)
The version of gnutls installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-0567 advisory. - A vulnerability was found in GnuTLS, where a cockpit which uses gnuTLS rejects a certificate chain with...
CVE-2024-0567 affecting package gnutls for versions less than 3.8.3-1
CVE-2024-0567 affecting package gnutls for versions less than 3.8.3-1. An upgraded version of the package is available that resolves this issue...
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1740)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP12 : gnutls (EulerOS-SA-2024-1740)
According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of...
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1607)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 2.11.0 : gnutls (EulerOS-SA-2024-1626)
According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the...
EulerOS Virtualization 2.11.1 : gnutls (EulerOS-SA-2024-1607)
According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the...
CVE-2024-0567 affecting package gnutls for versions less than 3.7.11-1
CVE-2024-0567 affecting package gnutls for versions less than 3.7.11-1. A patched version of the package is available...
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1213)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP11 : gnutls (EulerOS-SA-2024-1213)
According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of...
CLSA-2024-1710184399 gnutls: Fix of 3 CVEs
Keep the broken pkcs11 tests disabled. - Added CVE-2024-0567 PoC test. - CVE-2023-5981-pre1: improve level of randomness for each operations, always use gnutlsswitchlibstate for pk wrappers. - CVE-2023-5981-pre2: add constant time/cache operations to prevent or minimaze timining or cache side...
openSUSE Security Advisory (SUSE-SU-2024:0638-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2024-521)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-521 advisory. A vulnerability was found in GnuTLS, where a cockpit which uses gnuTLS rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with...
CLSA-2024-1708029936 gnutls: Fix of CVE-2024-0567
CVE-2024-0567: x509: detect loop in certificate chain...
Fedora: Security Advisory for gnutls (FEDORA-2024-c43a6cc3f8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
AlmaLinux 9 : gnutls (ALSA-2024:0533)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:0533 advisory. - A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with...