Double Free Vulnerability in GnuTLS Affects Various Versions
CVE-2015-3308

Currently unrated

Key Information:

Vendor: Gnu
Status: Gnutls
Vendor: CVE Published:; 2 September 2015

Summary

A double free vulnerability exists in GnuTLS impacting its handling of CRL (Certificate Revocation List) distribution points. Attackers can exploit this flaw to potentially cause denial of service when specially crafted data is processed. This issue highlights the importance of security practices in managing certificate data effectively.

References

http://lists.fedoraproject.org/pipermail/package-announce...

vendor-advisoryx_refsource_FEDORA

http://www.openwall.com/lists/oss-security/2015/04/16/6

mailing-listx_refsource_MLIST

http://www.ubuntu.com/usn/USN-2727-1

vendor-advisoryx_refsource_UBUNTU

Timeline

Vulnerability published
Sep 2, 2015
Vulnerability Reserved
Apr 16, 2015