Nixpkgs security tracker
Untriaged
Permalink
CVE-2024-12243
5.3 MEDIUM
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): NONE
- Integrity impact (I): NONE
- Availability impact (A): LOW
Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.
References
Affected products
rhcos
gnutls
- <3.8.8
- =<3.7.11
- *
- =<3.6.16
discovery/discovery-ui-rhel9
- *
discovery/discovery-server-rhel9
- *
registry.redhat.io/discovery/discovery-ui-rhel9
- *
registry.redhat.io/discovery/discovery-server-rhel9
- *
Matching in nixpkgs
pkgs.gnutls
GNU Transport Layer Security Library
pkgs.guile-gnutls
Guile bindings for GnuTLS library
pkgs.python311Packages.python3-gnutls
Python wrapper for the GnuTLS library
-
nixos-unstable python3-gnutls-3.1.10
- nixpkgs-unstable python3-gnutls-3.1.10
- nixos-unstable-small python3-gnutls-3.1.10
pkgs.python312Packages.python3-gnutls
Python wrapper for the GnuTLS library
-
nixos-unstable python3-gnutls-3.1.10
- nixpkgs-unstable python3-gnutls-3.1.10
- nixos-unstable-small python3-gnutls-3.1.10
Package maintainers
-
@vcunat Vladimír Čunát <v@cunat.cz>
-
@foo-dogsquared Gabriel Arazas <foodogsquared@foodogsquared.one>
-
@charlieshanley Charlie Hanley <charlieshanley@gmail.com>