FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

GnuTLS -- Denial of service vulnerability

Affected packages
gnutls < 3.5.13

Details

VuXML ID b33fb1e0-4c37-11e7-afeb-0011d823eebd
Discovery 2017-06-07
Entry 2017-06-08

The GnuTLS project reports:

It was found using the TLS fuzzer tools that decoding a status response TLS extension with valid contents could lead to a crash due to a null pointer dereference. The issue affects GnuTLS server applications.

[source]

References

URL https://gnutls.org/security.html#GNUTLS-SA-2017-4

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.