Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

rocky логотип

RLSA-2025:7076

Опубликовано: 04 окт. 2025
Источник: rocky
Оценка: Moderate

Описание

Moderate: gnutls security update

The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.

Security Fix(es):

  • gnutls: GnuTLS Impacted by Inefficient DER Decoding in libtasn1 Leading to Remote DoS (CVE-2024-12243)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the Rocky Linux 9 Release Notes linked from the References section.

Затронутые продукты

  • Rocky Linux 9

НаименованиеАрхитектураРелизRPM
gnutlsi6866.el9gnutls-3.8.3-6.el9.i686.rpm
gnutlsx86_646.el9gnutls-3.8.3-6.el9.x86_64.rpm

Показывать по

Связанные CVE

CVE-2024-12243

Ссылки на источники

Исправления

Связанные уязвимости

ubuntu логотип

CVE-2024-12243

CVSS3: 5.3
ubuntu
10 месяцев назад

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.

redhat логотип

CVE-2024-12243

CVSS3: 5.3
redhat
10 месяцев назад

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.

nvd логотип

CVE-2024-12243

CVSS3: 5.3
nvd
10 месяцев назад

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.

msrc логотип

CVE-2024-12243

CVSS3: 5.3
msrc
9 месяцев назад

Описание отсутствует

debian логотип

CVE-2024-12243

CVSS3: 5.3
debian
10 месяцев назад

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data pr ...