Description
A TLS 1.3 resumption attempt with an invalid PSK binder value in ClientHello could lead to a denial of service attack via crashing the server.
| Release | Status | Note |
|---|---|---|
| devel | not-affected | code not present |
| esm-infra/bionic | not-affected | code not present |
| esm-infra/focal | not-affected | code not present |
| esm-infra/xenial | not-affected | code not present |
| fips-preview/jammy | not-affected | code not present |
| fips-updates/jammy | not-affected | code not present |
| fips-updates/noble | not-affected | code not present |
| jammy | not-affected | code not present |
| noble | not-affected | code not present |
| questing | not-affected | code not present |
Related vulnerabilities
CVSS3: 7.5
redhat
about 2 months ago
A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and resulting in a remote Denial of Service (DoS) condition.