SB2022080508 - Multiple vulnerabilities in GnuTLS

Description

This security bulletin contains information about 2 vulnerabilities.

1) NULL pointer dereference (CVE-ID: CVE-2021-4209)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a NULL pointer dereference error in MD_UPDATE. A remote attacker can pass specially crafted data to the application and perform a denial of service (DoS) attack.

2) Race condition (CVE-ID: N/A)

The vulnerability allows a remote attacker to cause memory corruption.

The vulnerability exists due to memory corruption in gnutls_x509_trust_list_verify_crt2() when verifying certificates using a shared trust list object across multiple threads. A remote attacker can trigger concurrent certificate verification operations to cause memory corruption.

The vulnerable code path is only reached when a PKCS#11 based trust store is enabled and the issuer certificate is already stored as trusted.

Remediation

Install update from vendor's website.

References

• https://gitlab.com/gnutls/gnutls/-/issues/1306
• https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568
• https://www.gnutls.org/security-new.html#GNUTLS-SA-2022-01-17
• https://gitlab.com/gnutls/gnutls/-/issues/1277