Unrated severityNVD Advisory· Published Apr 1, 2019· Updated Aug 4, 2024
CVE-2019-3836
CVE-2019-3836
Description
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
18- Range: >=3.6.3, <3.6.7
- osv-coords16 versionspkg:apk/chainguard/gnutlspkg:apk/chainguard/gnutls-c++pkg:apk/chainguard/gnutls-c%2B%2Bpkg:apk/chainguard/gnutls-devpkg:apk/chainguard/gnutls-docpkg:apk/chainguard/gnutls-utilspkg:apk/wolfi/gnutlspkg:apk/wolfi/gnutls-c++pkg:apk/wolfi/gnutls-c%2B%2Bpkg:apk/wolfi/gnutls-devpkg:apk/wolfi/gnutls-docpkg:apk/wolfi/gnutls-utilspkg:rpm/opensuse/gnutls&distro=openSUSE%20Leap%2015.0pkg:rpm/opensuse/gnutls&distro=openSUSE%20Tumbleweedpkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Desktop%20Applications%2015
< 0+ 15 more
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 0
- (no CPE)range: < 3.6.7-lp150.9.1
- (no CPE)range: < 3.7.2-1.2
- (no CPE)range: < 3.6.7-6.8.1
- (no CPE)range: < 3.6.7-6.8.1
- Range: fixed in gnutls 3.6.7
Patches
Vulnerability mechanics
References
8- lists.opensuse.org/opensuse-security-announce/2019-05/msg00017.htmlmitrevendor-advisoryx_refsource_SUSE
- access.redhat.com/errata/RHSA-2019:3600mitrevendor-advisoryx_refsource_REDHAT
- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A3ETBUFBB4G7AITAOUYPGXVMBGVXKUAN/mitrevendor-advisoryx_refsource_FEDORA
- security.gentoo.org/glsa/201904-14mitrevendor-advisoryx_refsource_GENTOO
- usn.ubuntu.com/3999-1/mitrevendor-advisoryx_refsource_UBUNTU
- bugzilla.redhat.com/show_bug.cgimitrex_refsource_CONFIRM
- gitlab.com/gnutls/gnutls/issues/704mitrex_refsource_CONFIRM
- security.netapp.com/advisory/ntap-20190502-0005/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.