117 matches found
SUSE CVE-2021-4209
A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances...
SUSE CVE-2022-1615
In Samba, GnuTLS gnutlsrnd can fail and give predictable random values...
USN-5750-1: GnuTLS vulnerability
It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service...
DEBIAN-CVE-2021-4209
A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances...
CVE-2021-4209
A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances...
The vulnerability in the `client_send_params` function of the `lib/ext/pre_shared_key.c` component of the Transport Layer Security library GnuTLS, related to the use of memory after it is freed, allows a attacker to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of the clientsendparams function in the lib/ext/presharedkey.c component of the Transport Layer Security library GnuTLS is related to the use of memory after it is freed. Exploiting this vulnerability could allow an attacker to gain access to confidential data, compromise its...
USN-5029-1: GnuTLS vulnerabilities
It was discovered that GnuTLS incorrectly handled sending certain extensions when being used as a client. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code...
A flaw was found in gnutls. A use after free issue in client sending key_share extension may lead to memory corruption and other consequences.
...
UBUNTU-CVE-2021-20232
A flaw was found in gnutls. A use after free issue in clientsendparams in lib/ext/presharedkey.c may lead to memory corruption and other potential consequences...
Linbit csync2 输入验证错误漏洞
Linbit csync2 is a cluster synchronization tool from Austrian company Linbit, which is mainly used to keep files on multiple hosts in a cluster synchronized. A security vulnerability exists in LINBIT csync2 version 2.0 and earlier versions, which stems from a failure to properly check the return...
ALPINE-CVE-2020-24659
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a norenegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the...
DEBIAN-CVE-2020-14154
Mutt before 1.14.3 proceeds with a connection even if, in response to a GnuTLS certificate prompt, the user rejects an expired intermediate certificate...
The vulnerability of the implementation of the HMAC-SHA-256 mechanism in the GnuTLS cryptographic library allows a perpetrator to carry out an “Lucky 13” attack and a attack that recovers the plaintext.
The vulnerability of the HMAC-SHA-256 mechanism implemented in the GnuTLS cryptographic library is related to errors in the implementation of the cryptographic algorithm. Exploiting this vulnerability allows a malicious actor to perform both a “Lucky 13” attack and an attack that recovers the...
ALPINE-CVE-2020-11501
GnuTLS 3.6.x before 3.6.13 uses incorrect cryptography for DTLS. The earliest affected version is 3.6.3 2018-07-16 because of an error in a 2017-10-06 commit. The DTLS client always uses 32 '\0' bytes instead of a random value, and thus contributes no randomness to a DTLS negotiation. This breaks...
USN-4233-1: GnuTLS update
As a security improvement, this update marks SHA1 as being untrusted for digital signature operations...
DEBIAN-CVE-2018-21029
systemd 239 through 245 accepts any certificate signed by a trusted certificate authority for DNS Over TLS. Server Name Indication SNI is not sent, and there is no hostname validation with the GnuTLS backend. NOTE: This has been disputed by the developer as not a vulnerability since hostname...
PT-2019-10455 · Systemd +1 · Systemd +1
Name of the Vulnerable Software and Affected Versions: systemd versions 239 through 245 Description: The issue concerns the acceptance of any certificate signed by a trusted certificate authority for DNS Over TLS, without sending Server Name Indication SNI and without hostname validation when usi...
gnutls: Heap read overflow in read-packet.c
Multiple heap-based buffer overflows in the readattribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow remote attackers to have unspecified impact via a crafted OpenPGP certificate...
The vulnerability of the read_attribute function in the GnuTLS library, related to the occurrence of operations outside the buffer boundaries in memory, allows attackers to compromise the integrity and accessibility of data.
The vulnerability of the readattribute function in the GnuTLS library is related to buffer overflow attacks. Exploiting this vulnerability allows a remote attacker to compromise the integrity and accessibility of data through a specially created OpenPGP certificate...
DEBIAN-CVE-2017-7507
GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. This could lead to a crash of the GnuTLS server application...