High severity7.5NVD Advisory· Published Apr 14, 2017· Updated Jun 17, 2026
CVE-2017-7869
CVE-2017-7869
Description
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
11- osv-coords10 versionspkg:rpm/opensuse/gnutls&distro=openSUSE%20Tumbleweedpkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2011%20SP4pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2
< 3.7.2-1.2+ 9 more
- (no CPE)range: < 3.7.2-1.2
- (no CPE)range: < 3.2.15-18.3.1
- (no CPE)range: < 2.4.1-24.39.70.1
- (no CPE)range: < 2.4.1-24.39.70.1
- (no CPE)range: < 3.2.15-18.3.1
- (no CPE)range: < 3.2.15-18.3.1
- (no CPE)range: < 2.4.1-24.39.70.1
- (no CPE)range: < 3.2.15-18.3.1
- (no CPE)range: < 2.4.1-24.39.70.1
- (no CPE)range: < 3.2.15-18.3.1
Patches
Vulnerability mechanics
References
5- gitlab.com/gnutls/gnutls/commit/51464af713d71802e3c6d5ac15f1a95132a354fenvdPatch
- www.gnutls.org/security.htmlnvdPatchVendor Advisory
- www.securityfocus.com/bid/97040nvdThird Party AdvisoryVDB Entry
- bugs.chromium.org/p/oss-fuzz/issues/detailnvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:2292nvd
News mentions
0No linked articles in our index yet.