Skip to main content

Gnutls CVE-2020-24659

HIGH
NULL Pointer Dereference (CWE-476)
2020-09-04 cve@mitre.org
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
None
Integrity
None
Availability
High

Lifecycle Timeline

1
CVE Published
Sep 04, 2020 - 15:15 nvd
HIGH 7.5

DescriptionNVD

An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.

AnalysisAI

An issue was discovered in GnuTLS before 3.6.15. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.

Technical ContextAI

This vulnerability is classified as NULL Pointer Dereference (CWE-476), which allows attackers to crash the application by dereferencing a null pointer. An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure. Affected products include: Gnu Gnutls, Fedoraproject Fedora, Opensuse Leap, Canonical Ubuntu Linux. Version information: before 3.6.15..

RemediationAI

No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Check pointers before dereferencing. Use static analysis tools to detect null pointer paths.

More in Gnutls

View all
CVE-2021-20231 CRITICAL POC
9.8 Mar 12

A flaw was found in gnutls. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentic

CVE-2014-3466 MEDIUM POC
6.8 Jun 03

Buffer overflow in the read_server_hello function in lib/gnutls_handshake.c in GnuTLS before 3.1.25, 3.2.x before 3.2.15

CVE-2024-0553 HIGH POC
7.5 Jan 16

A vulnerability was found in GnuTLS. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no auth

CVE-2012-1663 HIGH POC
7.5 Mar 13

Double free vulnerability in libgnutls in GnuTLS before 3.0.14 allows remote attackers to cause a denial of service (app

CVE-2019-3836 HIGH POC
7.5 Apr 01

It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versio

CVE-2019-3829 HIGH POC
7.5 Mar 27

A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. Rated high severity (CVSS 7.5), this vulnerability

CVE-2023-0361 HIGH POC
7.4 Feb 15

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. Rated high severity (C

CVE-2012-1569 MEDIUM POC
5.0 Mar 26

The asn1_get_length_der function in decoding.c in GNU Libtasn1 before 2.12, as used in GnuTLS before 3.0.16 and other pr

CVE-2017-5334 CRITICAL
9.8 Mar 24

Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 al

CVE-2012-1573 MEDIUM POC
5.0 Mar 26

gnutls_cipher.c in libgnutls in GnuTLS before 2.12.17 and 3.x before 3.0.15 does not properly handle data encrypted with

CVE-2017-5336 CRITICAL
9.8 Mar 24

Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x b

CVE-2017-5337 CRITICAL
9.8 Mar 24

Multiple heap-based buffer overflows in the read_attribute function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allow

Share

CVE-2020-24659 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy