SB2017011135 - Fedora EPEL 6 update for gnutls30

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017011135

SB2017011135 - Fedora EPEL 6 update for gnutls30

Published: January 11, 2017 Updated: April 24, 2025

Security Bulletin ID SB2017011135
CSH Severity
Low
Patch available
YES
Number of vulnerabilities 4
Exploitation vector Remote access
Highest impact Partial DoS

Breakdown by Severity

Low 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 4 vulnerabilities.


1) Heap-based buffer overflow (CVE-ID: CVE-2017-5337)

CWE-ID: CWE-122 - Heap-based Buffer Overflow

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to improper processing of malicious OpenPGP certificates by the read_attribute function. A remote attacker can send a specially crafted OpenPGP certificate, trigger heap-based buffer overflow and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

2) Stack-based buffer overflow (CVE-ID: CVE-2017-5336)

CWE-ID: CWE-121 - Stack-based buffer overflow

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to improper processing of malicious OpenPGP certificates by the cdk_pk_get_keyid function. A remote attacker can send a specially crafted OpenPGP certificate, trigger stack-based buffer overflow and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

3) Memory corruption (CVE-ID: CVE-2017-5335)

CWE-ID: CWE-119 - Memory corruption

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to insufficient error checking in the stream-reading functions. A remote attacker can send a specially crafted OpenPGP certificate, trigger memory corruption and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

4) Double free (CVE-ID: CVE-2017-5334)

CWE-ID: CWE-415 - Double Free

CVSSv4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear


The vulnerability allows a remote unauthenticated attacker to cause DoS condition on the target system.

The weakness exists due to insufficient validation of user-supplied input by the gnutls_x509_ext_import_proxy function. A remote attacker can send a specially crafted X.509 certificate with Proxy Certificate Information extension present, trigger double free error and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

Remediation

Install update from vendor's website.

References