rpm package
opensuse/gnutls&distro=openSUSE Tumbleweed
pkg:rpm/opensuse/gnutls&distro=openSUSE%20Tumbleweed
Vulnerabilities (50)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-12243 | Med | 5.3 | < 3.8.9-1.1 | 3.8.9-1.1 | Feb 10, 2025 | A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to sen | |
| CVE-2024-12133 | Med | 5.3 | < 3.8.9-1.1 | 3.8.9-1.1 | Feb 10, 2025 | A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially craft | |
| CVE-2024-28834 | Med | 5.3 | < 3.8.4-1.1 | 3.8.4-1.1 | Mar 21, 2024 | A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noti | |
| CVE-2024-28835 | Med | 5.0 | < 3.8.4-1.1 | 3.8.4-1.1 | Mar 21, 2024 | A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command. | |
| CVE-2024-0567 | — | < 3.8.3-1.1 | 3.8.3-1.1 | Jan 16, 2024 | A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to in | ||
| CVE-2024-0553 | — | < 3.8.3-1.1 | 3.8.3-1.1 | Jan 16, 2024 | A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA- | ||
| CVE-2023-5981 | — | < 3.8.2-1.1 | 3.8.2-1.1 | Nov 28, 2023 | A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. | ||
| CVE-2023-0361 | — | < 3.7.9-1.2 | 3.7.9-1.2 | Feb 15, 2023 | A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attac | ||
| CVE-2022-2509 | — | < 3.7.7-1.1 | 3.7.7-1.1 | Aug 1, 2022 | A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function. | ||
| CVE-2021-20232 | — | < 3.7.2-1.2 | 3.7.2-1.2 | Mar 12, 2021 | A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences. | ||
| CVE-2020-13777 | — | < 3.7.2-1.2 | 3.7.2-1.2 | Jun 4, 2020 | GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first | ||
| CVE-2019-3836 | — | < 3.7.2-1.2 | 3.7.2-1.2 | Apr 1, 2019 | It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages. | ||
| CVE-2019-3829 | — | < 3.7.2-1.2 | 3.7.2-1.2 | Mar 27, 2019 | A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected. | ||
| CVE-2018-10846 | Med | 5.6 | < 3.7.2-1.2 | 3.7.2-1.2 | Aug 22, 2018 | A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets. | |
| CVE-2016-8610 | Hig | 7.5 | < 3.7.2-1.2 | 3.7.2-1.2 | Nov 13, 2017 | A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amoun | |
| CVE-2017-7869 | Hig | 7.5 | < 3.7.2-1.2 | 3.7.2-1.2 | Apr 14, 2017 | GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10. | |
| CVE-2015-6251 | — | < 3.4.15-1.1 | 3.4.15-1.1 | Aug 24, 2015 | Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate. | ||
| CVE-2014-8564 | — | < 3.4.15-1.1 | 3.4.15-1.1 | Nov 13, 2014 | The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) ce | ||
| CVE-2014-3466 | — | < 3.4.15-1.1 | 3.4.15-1.1 | Jun 3, 2014 | Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a Se | ||
| CVE-2014-1959 | — | < 3.4.15-1.1 | 3.4.15-1.1 | Mar 7, 2014 | lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates. |
- affected < 3.8.9-1.1fixed 3.8.9-1.1
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to sen
- affected < 3.8.9-1.1fixed 3.8.9-1.1
A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially craft
- affected < 3.8.4-1.1fixed 3.8.4-1.1
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noti
- affected < 3.8.4-1.1fixed 3.8.4-1.1
A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.
- CVE-2024-0567Jan 16, 2024affected < 3.8.3-1.1fixed 3.8.3-1.1
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to in
- CVE-2024-0553Jan 16, 2024affected < 3.8.3-1.1fixed 3.8.3-1.1
A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-
- CVE-2023-5981Nov 28, 2023affected < 3.8.2-1.1fixed 3.8.2-1.1
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
- CVE-2023-0361Feb 15, 2023affected < 3.7.9-1.2fixed 3.7.9-1.2
A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attac
- CVE-2022-2509Aug 1, 2022affected < 3.7.7-1.1fixed 3.7.7-1.1
A vulnerability found in gnutls. This security flaw happens because of a double free error occurs during verification of pkcs7 signatures in gnutls_pkcs7_verify function.
- CVE-2021-20232Mar 12, 2021affected < 3.7.2-1.2fixed 3.7.2-1.2
A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.
- CVE-2020-13777Jun 4, 2020affected < 3.7.2-1.2fixed 3.7.2-1.2
GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first
- CVE-2019-3836Apr 1, 2019affected < 3.7.2-1.2fixed 3.7.2-1.2
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
- CVE-2019-3829Mar 27, 2019affected < 3.7.2-1.2fixed 3.7.2-1.2
A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.
- affected < 3.7.2-1.2fixed 3.7.2-1.2
A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets.
- affected < 3.7.2-1.2fixed 3.7.2-1.2
A denial of service flaw was found in OpenSSL 0.9.8, 1.0.1, 1.0.2 through 1.0.2h, and 1.1.0 in the way the TLS/SSL protocol defined processing of ALERT packets during a connection handshake. A remote attacker could use this flaw to make a TLS/SSL server consume an excessive amoun
- affected < 3.7.2-1.2fixed 3.7.2-1.2
GnuTLS before 2017-02-20 has an out-of-bounds write caused by an integer overflow and heap-based buffer overflow related to the cdk_pkt_read function in opencdk/read-packet.c. This issue (which is a subset of the vendor's GNUTLS-SA-2017-3 report) is fixed in 3.5.10.
- CVE-2015-6251Aug 24, 2015affected < 3.4.15-1.1fixed 3.4.15-1.1
Double free vulnerability in GnuTLS before 3.3.17 and 3.4.x before 3.4.4 allows remote attackers to cause a denial of service via a long DistinguishedName (DN) entry in a certificate.
- CVE-2014-8564Nov 13, 2014affected < 3.4.15-1.1fixed 3.4.15-1.1
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) ce
- CVE-2014-3466Jun 3, 2014affected < 3.4.15-1.1fixed 3.4.15-1.1
Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15, and 3.3.x before 3.3.4 allows remote servers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a long session id in a Se
- CVE-2014-1959Mar 7, 2014affected < 3.4.15-1.1fixed 3.4.15-1.1
lib/x509/verify.c in GnuTLS before 3.1.21 and 3.2.x before 3.2.11 treats version 1 X.509 certificates as intermediate CAs, which allows remote attackers to bypass intended restrictions by leveraging a X.509 V1 certificate from a trusted CA to issue new certificates.
Page 2 of 3