The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x
before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote
attackers to cause a denial of service (out-of-bounds write) via a crafted
(1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate
signing requests (CSR), related to generating key IDs.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 17.10 | noarch | gnutls28 | <Â 3.3.8-3ubuntu2 | UNKNOWN |
ubuntu | 18.04 | noarch | gnutls28 | <Â 3.3.8-3ubuntu2 | UNKNOWN |
ubuntu | 18.10 | noarch | gnutls28 | <Â 3.3.8-3ubuntu2 | UNKNOWN |
ubuntu | 19.04 | noarch | gnutls28 | <Â 3.3.8-3ubuntu2 | UNKNOWN |
ubuntu | 14.10 | noarch | gnutls28 | <Â 3.2.16-1ubuntu2.1 | UNKNOWN |
ubuntu | 15.04 | noarch | gnutls28 | <Â 3.3.8-3ubuntu2 | UNKNOWN |
ubuntu | 15.10 | noarch | gnutls28 | <Â 3.3.8-3ubuntu2 | UNKNOWN |
ubuntu | 16.04 | noarch | gnutls28 | <Â 3.3.8-3ubuntu2 | UNKNOWN |
ubuntu | 16.10 | noarch | gnutls28 | <Â 3.3.8-3ubuntu2 | UNKNOWN |
ubuntu | 17.04 | noarch | gnutls28 | <Â 3.3.8-3ubuntu2 | UNKNOWN |