ELSA-2025-4051

Опубликовано: 21 апр. 2025

Источник: oracle-oval

Платформа: Oracle Linux 8

Описание

ELSA-2025-4051: gnutls security update (MODERATE)

[3.6.16-8.3]

Backport the fix for CVE-2024-12243

Обновленные пакеты

Oracle Linux 8

Oracle Linux aarch64

gnutls

3.6.16-8.el8_10.3

gnutls-c++

3.6.16-8.el8_10.3

gnutls-dane

3.6.16-8.el8_10.3

gnutls-devel

3.6.16-8.el8_10.3

gnutls-utils

3.6.16-8.el8_10.3

Oracle Linux x86_64

gnutls

3.6.16-8.el8_10.3

gnutls-c++

3.6.16-8.el8_10.3

gnutls-dane

3.6.16-8.el8_10.3

gnutls-devel

3.6.16-8.el8_10.3

gnutls-utils

3.6.16-8.el8_10.3

Связанные CVE

CVE-2024-12243

Ссылки на источники

Связанные уязвимости

CVE-2024-12243

CVSS3: 5.3

ubuntu

6 месяцев назад

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.