Unrated severityNVD Advisory· Published Dec 30, 2020· Updated Aug 5, 2024
CVE-2019-15523
CVE-2019-15523
Description
An issue was discovered in LINBIT csync2 through 2.0. It does not correctly check for the return value GNUTLS_E_WARNING_ALERT_RECEIVED of the gnutls_handshake() function. It neglects to call this function again, as required by the design of the API.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
10- LINBIT/csync2description
- osv-coords8 versionspkg:rpm/opensuse/csync2&distro=openSUSE%20Leap%2015.2pkg:rpm/opensuse/csync2&distro=openSUSE%20Tumbleweedpkg:rpm/suse/csync2&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP3pkg:rpm/suse/csync2&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP4pkg:rpm/suse/csync2&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2012%20SP5pkg:rpm/suse/csync2&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015pkg:rpm/suse/csync2&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP1pkg:rpm/suse/csync2&distro=SUSE%20Linux%20Enterprise%20High%20Availability%20Extension%2015%20SP2
< 2.0+git.1461714863.10636a4-lp152.5.3.1+ 7 more
- (no CPE)range: < 2.0+git.1461714863.10636a4-lp152.5.3.1
- (no CPE)range: < 2.0+git.1600444747.83b3644-1.3
- (no CPE)range: < 2.0+git.1368794815.cf835a7-3.9.5
- (no CPE)range: < 2.0+git.1368794815.cf835a7-3.9.5
- (no CPE)range: < 2.0+git.1368794815.cf835a7-3.9.5
- (no CPE)range: < 2.0+git.1461714863.10636a4-4.6.1
- (no CPE)range: < 2.0+git.1461714863.10636a4-4.6.1
- (no CPE)range: < 2.0+git.1461714863.10636a4-4.6.1
Patches
Vulnerability mechanics
References
2- github.com/LINBIT/csync2/pull/13/commits/92742544a56bcbcd9ec99ca15f898b31797e39e2mitrex_refsource_MISC
- lists.debian.org/debian-lts-announce/2021/01/msg00003.htmlmitremailing-listx_refsource_MLIST
News mentions
0No linked articles in our index yet.