Unrated severityNVD Advisory· Published Aug 24, 2015· Updated May 6, 2026
CVE-2015-6251
CVE-2015-6251
Description
Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.
Affected products
28cpe:2.3:a:gnu:gnutls:3.3.0:-:*:*:*:*:*:*+ 21 more
- cpe:2.3:a:gnu:gnutls:3.3.0:-:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.0:pre0:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.11:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.12:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.13:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.14:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.15:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.16:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.3.9:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:gnu:gnutls:3.4.3:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- osv-coords5 versionspkg:rpm/opensuse/gnutls&distro=openSUSE%20Tumbleweedpkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Desktop%2012pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%2012pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012
< 3.4.15-1.1+ 4 more
- (no CPE)range: < 3.4.15-1.1
- (no CPE)range: < 3.2.15-11.1
- (no CPE)range: < 3.2.15-11.1
- (no CPE)range: < 3.2.15-11.1
- (no CPE)range: < 3.2.15-11.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
10- www.gnutls.org/security.htmlnvdVendor Advisory
- lists.fedoraproject.org/pipermail/package-announce/2015-September/165286.htmlnvd
- lists.opensuse.org/opensuse-updates/2015-09/msg00001.htmlnvd
- www.debian.org/security/2015/dsa-3334nvd
- www.openwall.com/lists/oss-security/2015/08/10/1nvd
- www.openwall.com/lists/oss-security/2015/08/17/6nvd
- www.securityfocus.com/bid/76267nvd
- www.securitytracker.com/id/1033226nvd
- bugzilla.redhat.com/show_bug.cginvd
- gitlab.com/gnutls/gnutls/commit/272854367efc130fbd4f1a51840d80c630214e12nvd
News mentions
0No linked articles in our index yet.