Security
Headlines
HeadlinesLatestCVEs

Headline

Ubuntu Security Notice USN-5750-1

Ubuntu Security Notice 5750-1 - It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service.

Packet Storm
#vulnerability#ubuntu#dos#auth#ssl
=========================================================================Ubuntu Security Notice USN-5750-1November 30, 2022gnutls28 vulnerability=========================================================================A security issue affects these releases of Ubuntu and its derivatives:- Ubuntu 16.04 ESMSummary:GnuTLS could be made to crash if it received specially crafted networktraffic from an authenticated client.Software Description:- gnutls28: GNU TLS libraryDetails:It was discovered that GnuTLS incorrectly handled certain memoryoperations. A remote attacker could possibly use this issue to cause GnuTLSto crash, resulting in a denial of service.Update instructions:The problem can be corrected by updating your system to the followingpackage versions:Ubuntu 16.04 ESM:  libgnutls30                     3.4.10-4ubuntu1.9+esm1In general, a standard system update will make all the necessary changes.References:  https://ubuntu.com/security/notices/USN-5750-1  CVE-2021-4209

Related news

Scanvus now supports Vulners and Vulns.io VM Linux vulnerability detection APIs

Hello everyone! Great news for my open source Scanvus project! You can now perform vulnerability checks on Linux hosts and docker images not only using the Vulners.com API, but also with the Vulns.io VM API. It’s especially nice that all the code to support the new API was written and contributed by colleagues from Vulns.io. […]

CVE-2021-4209: Null pointer dereference in MD_UPDATE (#1306) · Issues · gnutls / GnuTLS · GitLab

A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.

Ubuntu Security Notice USN-5550-1

Ubuntu Security Notice 5550-1 - It was discovered that GnuTLS incorrectly handled certain memory operations. A remote attacker could possibly use this issue to cause GnuTLS to crash, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, and Ubuntu 20.04 LTS. It was discovered that GnuTLS incorrectly handled the verification of certain pkcs7 signatures. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code.

Packet Storm: Latest News

Acronis Cyber Protect/Backup Remote Code Execution