Описание
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | released | 3.8.9-2ubuntu1 |
| esm-infra/bionic | needs-triage | |
| esm-infra/focal | not-affected | 3.6.13-2ubuntu1.12 |
| esm-infra/xenial | needs-triage | |
| fips-preview/jammy | needed | |
| fips-updates/jammy | released | 3.7.3-4ubuntu1.6+Fips1 |
| focal | released | 3.6.13-2ubuntu1.12 |
| jammy | released | 3.7.3-4ubuntu1.6 |
| noble | released | 3.8.3-1.1ubuntu3.3 |
| oracular | released | 3.8.6-2ubuntu1.1 |
Показывать по
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data pr ...
EPSS
5.3 Medium
CVSS3