A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.
An algorithm in a product has an inefficient worst-case computational complexity that may be detrimental to system performance and can be triggered by an attacker, typically using crafted manipulations that ensure that the worst case is being reached.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Gnutls28 | Ubuntu | devel | * |
| Gnutls28 | Ubuntu | focal | * |
| Gnutls28 | Ubuntu | jammy | * |
| Gnutls28 | Ubuntu | noble | * |
| Gnutls28 | Ubuntu | oracular | * |
| Gnutls28 | Ubuntu | upstream | * |