22 matches found
Alibaba Cloud Linux 3 : 0008: gnutls (ALINUX3-SA-2021:0008)
The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2021:0008 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2019-3829: A vulnerability was found i...
Oracle Linux 8 : gnutls (ELSA-2019-3600)
The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-3600 advisory. - Fixed CVE-2019-3829 1693285 - Fixed CVE-2019-3836 1693288 Tenable has extracted the preceding description block directly from the Oracle Linux securi...
BELL-CVE-2019-3836 CVE-2019-3836 does not affect BellSoft software
Bulletin has no description...
SUSE: Security Advisory (SUSE-SU-2019:1121-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu: Security Advisory (USN-3999-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Ubuntu 16.04 LTS / 18.04 LTS : GnuTLS vulnerabilities (USN-3999-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3999-1 advisory. Eyal Ronen, Kenneth G. Paterson, and Adi Shamir discovered that GnuTLS was vulnerable to a timing side- channel attack known as the Lucky...
USN-3999-1: GnuTLS vulnerabilities
Eyal Ronen, Kenneth G. Paterson, and Adi Shamir discovered that GnuTLS was vulnerable to a timing side-channel attack known as the "Lucky Thirteen" issue. A remote attacker could possibly use this issue to perform plaintext-recovery attacks via analysis of timing data. This issue only affected...
openSUSE: Security Advisory for gnutls (openSUSE-SU-2019:1353-1)
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : gnutls (openSUSE-2019-1353)
This update for gnutls fixes to version 3.6.7 the following issues : Security issued fixed : - CVE-2019-3836: Fixed an invalid pointer access via malformed TLS1.3 async messages bsc1130682. - CVE-2019-3829: Fixed a double free vulnerability in the certificate verification API bsc1130681. -...
Fedora Update for gnutls FEDORA-2019-e8c1cf958f
The remote host is missing an update for the Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2019:1121-1)
This update for gnutls fixes to version 3.6.7 the following issues : Security issued fixed : CVE-2019-3836: Fixed an invalid pointer access via malformed TLS1.3 async messages bsc1130682. CVE-2019-3829: Fixed a double free vulnerability in the certificate verification API bsc1130681...
GLSA-201904-14 : GnuTLS: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201904-14 GnuTLS: Multiple vulnerabilities Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers referenced below for details. Impact : Please review the CVE identifiers referenced below for...
[ASA-201904-2] gnutls: multiple issues
Arch Linux Security Advisory ASA-201904-2 ========================================= Severity: Critical Date : 2019-04-05 CVE-ID : CVE-2019-3829 CVE-2019-3836 Package : gnutls Type : multiple issues Remote : Yes Link : https://security.archlinux.org/AVG-945 Summary ======= The package gnutls befor...
CVE-2019-3836
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages...
CVE-2019-3836
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages...
CVE-2019-3836
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages...
CVE-2019-3836
GNUTLS CVE-2019-3836: uninitialized/invalid pointer access in post-handshake message handling (TLS1.3 async messages) on versions prior to 3.6.7. Remote attacker can cause crash/Denial of Service; may enable arbitrary code execution per related advisories. Remediation: upgrade to GNUTLS 3.6.7 or ...
CVE-2019-3836
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages...
CVE-2019-3836
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages...
Fedora 29 : gnutls (2019-e8c1cf958f)
Update to upstream release 3.6.7 Security fix for CVE-2019-3836 and CVE-2019-3829 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without...