Описание
A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.
A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and denial of service.
Отчет
As mentioned in the upstream advisory and GnuTLS issue 1151 (see External References) this flaw is not easily exploitable and it only happens intermittently (denial of service is not always practical). For this reason, this flaw has been rated as having a security impact of Moderate.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 6 | gnutls | Not affected | ||
| Red Hat Enterprise Linux 7 | gnutls | Not affected | ||
| Red Hat Enterprise Linux 9 | gnutls | Not affected | ||
| Red Hat Enterprise Linux 8 | gnutls | Fixed | RHSA-2021:4451 | 09.11.2021 |
| Red Hat Enterprise Linux 8 | nettle | Fixed | RHSA-2021:4451 | 09.11.2021 |
| Red Hat Enterprise Linux 8 | gnutls | Fixed | RHSA-2021:4451 | 09.11.2021 |
| Red Hat Enterprise Linux 8 | nettle | Fixed | RHSA-2021:4451 | 09.11.2021 |
Показывать по
Дополнительная информация
Статус:
3.7 Low
CVSS3
Связанные уязвимости
A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.
A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.
A flaw was found in gnutls. A use after free issue in client_send_para ...
A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.
3.7 Low
CVSS3