CVE-2015-3308

Currently unrated

Key Information:

Vendor: Gnu
Status: Gnutls
Vendor: CVE Published:; 2 September 2015

Summary

Double free vulnerability in lib/x509/x509_ext.c in GnuTLS before 3.3.14 allows remote attackers to cause a denial of service or possibly have unspecified other impact via a crafted CRL distribution point.

References

http://lists.fedoraproject.org/pipermail/package-announce...

vendor-advisoryx_refsource_FEDORA

http://www.openwall.com/lists/oss-security/2015/04/16/6

mailing-listx_refsource_MLIST

http://www.ubuntu.com/usn/USN-2727-1

vendor-advisoryx_refsource_UBUNTU

EPSS Score

3% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Sep 2, 2015
Vulnerability Reserved
Apr 16, 2015