CVE Vulnerabilities

CVE-2020-24659

NULL Pointer Dereference

Published: Sep 04, 2020 | Modified: Nov 07, 2023
CVSS 3.x
7.5
HIGH
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
7.5 MODERATE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM

An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the applications error handling path, where the gnutls_deinit function is called after detecting a handshake failure.

Weakness

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.

Affected Software

Name Vendor Start Version End Version
Gnutls Gnu * 3.6.15 (excluding)
Gnutls28 Ubuntu devel *
Gnutls28 Ubuntu focal *
Gnutls28 Ubuntu trusty *
Gnutls28 Ubuntu upstream *
Red Hat Enterprise Linux 8 RedHat gnutls-0:3.6.14-7.el8_3 *
Red Hat Enterprise Linux 8 RedHat gnutls-0:3.6.14-7.el8_3 *

Potential Mitigations

References