A NULL pointer dereference flaw was found in GnuTLS. As Nettles hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.
Weakness
The product dereferences a pointer that it expects to be valid but is NULL.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Gnutls | Gnu | * | 3.7.3 (excluding) |
| Gnutls26 | Ubuntu | precise/esm | * |
| Gnutls26 | Ubuntu | trusty | * |
| Gnutls26 | Ubuntu | trusty/esm | * |
| Gnutls28 | Ubuntu | bionic | * |
| Gnutls28 | Ubuntu | esm-infra/bionic | * |
| Gnutls28 | Ubuntu | esm-infra/focal | * |
| Gnutls28 | Ubuntu | esm-infra/xenial | * |
| Gnutls28 | Ubuntu | focal | * |
| Gnutls28 | Ubuntu | impish | * |
| Gnutls28 | Ubuntu | trusty | * |
| Gnutls28 | Ubuntu | upstream | * |
| Gnutls28 | Ubuntu | xenial | * |
Potential Mitigations
References
- https://access.redhat.com/security/cve/CVE-2021-4209
- https://bugzilla.redhat.com/show_bug.cgi?id=2044156
- https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568
- https://gitlab.com/gnutls/gnutls/-/issues/1306
- https://gitlab.com/gnutls/gnutls/-/merge_requests/1503
- https://security.netapp.com/advisory/ntap-20220915-0005/
- https://access.redhat.com/security/cve/CVE-2021-4209
- https://bugzilla.redhat.com/show_bug.cgi?id=2044156
- https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568
- https://gitlab.com/gnutls/gnutls/-/issues/1306
- https://gitlab.com/gnutls/gnutls/-/merge_requests/1503
- https://security.netapp.com/advisory/ntap-20220915-0005/