logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2012-1573

Description

gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with a block cipher, which allows remote attackers to cause a denial of service (heap memory corruption and application crash) via a crafted record, as demonstrated by a crafted GenericBlockCipher structure. #### Bugs * <https://bugzilla.redhat.com/show_bug.cgi?id=805432> * <https://bugs.launchpad.net/bugs/978661>


Affected Package


OS OS Version Package Name Package Version
ubuntu upstream gnutls13 any
ubuntu 10.04 gnutls26 2.8.5-2ubuntu0.1
ubuntu 10.10 gnutls26 2.8.6-1ubuntu0.1
ubuntu 11.04 gnutls26 2.8.6-1ubuntu2.1
ubuntu 11.10 gnutls26 2.10.5-1ubuntu3.1
ubuntu 12.04 gnutls26 2.12.14-5ubuntu3
ubuntu 12.10 gnutls26 2.12.14-5ubuntu3
ubuntu 13.04 gnutls26 2.12.14-5ubuntu3
ubuntu 13.10 gnutls26 2.12.14-5ubuntu3
ubuntu 14.04 gnutls26 2.12.14-5ubuntu3
ubuntu upstream gnutls26 2.12.18
ubuntu 14.10 gnutls26 2.12.14-5ubuntu3
ubuntu 12.04 gnutls28 any
ubuntu upstream gnutls28 3.0.15

Related