oss-sec mailing list archives

CVE request: GNUTLS-SA-2015-3 double free in certificate DN decoding

From: Martin Prpic <mprpic () redhat com>
Date: Mon, 10 Aug 2015 11:23:02 +0200

Hi,

GnuTLS released versions 3.4.4 and 3.3.17 that fix one security issue:

http://www.gnutls.org/security.html#GNUTLS-SA-2015-3

"Kurt Roeckx reported that decoding a specific certificate with very
long DistinguishedName (DN) entries leads to double free, which may
result to a denial of service. Since the DN decoding occurs in almost
all applications using certificates it is recommended to upgrade the
latest GnuTLS version fixing the issue. Recommendation: Upgrade to
GnuTLS 3.4.4, or 3.3.17."

The upstream patch that fixes this issue is available at:

https://gitlab.com/gnutls/gnutls/commit/272854367efc130fbd4f1a51840d80c630214e12

Can a CVE please be assigned to this issue?

Also, there is still no CVE for the issue before this one. The CVE
request was sent on May 5:

http://seclists.org/oss-sec/2015/q2/367

Can a CVE be assigned to this as well?

Thank you!

Refs:
rhbz GNUTLS-SA-2015-2: https://bugzilla.redhat.com/1218426
rhbz GNUTLS-SA-2015-3: https://bugzilla.redhat.com/1251902

-- 
Martin Prpič / Red Hat Product Security

Current thread:

CVE request: GNUTLS-SA-2015-3 double free in certificate DN decoding Martin Prpic (Aug 10)
- Re: CVE request: GNUTLS-SA-2015-3 double free in certificate DN decoding Salvatore Bonaccorso (Aug 14)
- Re: CVE request: GNUTLS-SA-2015-3 double free in certificate DN decoding cve-assign (Aug 17)