ALPINE-CVE-2019-3829

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected...

Double free

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected...

CVE-2019-3829

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected...

CVE-2019-3829

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected...

DEBIAN-CVE-2019-3829

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected...

CVE-2019-3829

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected...

CVE-2019-3829

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected...

CVE-2019-3829

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected...

CVE-2019-3829

CVE-2019-3829 affects GnuTLS versions prior to 3.6.7 (including 3.5.8+). The issue is a memory corruption (double free) in the certificate verification API (e.g., verify_crt and gnutls_x509_trust_list_verify_crt). This can enable arbitrary code execution or crash scenarios when a client or server...

CVE-2019-3836

A flaw was found in the way gnutls handled malformed TLS 1.3 asynchronous messages. An attacker could use this flaw to crash an application compiled with gnutls via invalid pointer access...

CVE-2019-3829

A double free flaw was found in the way the certificate verification API was implemented for gnutls. An attacker could cause a client or server application compiled against gnutls to crash by parsing a specially-crafted certificate...

CVE-2019-3829

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected...

GnuTLS -- double free, invalid pointer access

The GnuTLS project reports: Tavis Ormandy from Google Project Zero found a memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected. It was found using the TLS fuzzer...

UBUNTU-CVE-2019-3829

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption double free vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected...

openSUSE Security Update : gnutls (openSUSE-2019-746)

This update for gnutls fixes the following security issues : - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846: 'Just in Time' PRIME + PROBE cache-based side channel attack can lead to plaintext recovery bsc1105460 - CVE-2018-10845: HMAC-SHA-384 vulnerable to Lucky thirtee...

EulerOS Virtualization 2.5.2 : libtasn1 (EulerOS-SA-2019-1082)

According to the version of the libtasn1 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - Two errors in the 'asn1findnode' function lib/parseraux.c within GnuTLS libtasn1 version 4.10 can be exploited to cause a...

MGASA-2019-0103 Updated gnutls packages fix security vulnerability

A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade...

Updated gnutls packages fix security vulnerability

A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade...

The vulnerability of the GnuTLS cryptographic library, related to an error in verifying decrypted RSA data, allows a perpetrator to gain access to protected information.

The vulnerability of the GnuTLS cryptographic library is related to an error in the verification of decrypted RSA data. Exploiting this vulnerability could allow an attacker to gain access to protected information by using a secondary cache channel...

gnutls/gnutls_idna_parser_fuzzer: Use-of-uninitialized-value in _idn2_punycode_decode

Project: https://gitlab.com/gnutls/gnutls.git Detailed report: https://oss-fuzz.com/testcase?key=5637280142721024 Project: gnutls Fuzzer: libFuzzergnutlsidnaparserfuzzer Fuzz target binary: gnutlsidnaparserfuzzer Job Type: libfuzzermsangnutls Platform Id: linux Crash Type:...