Vulnerability CVE-2024-0567: Information
Description
A vulnerability was found in GnuTLS: Cockpit (which uses GnuTLS) rejects a certificate chain with distributed trust. The issue occurs when validating a certificate chain with cockpit-certificate-ensure. The flaw allows an unauthenticated, remote client or attacker to initiate a denial-of-service attack.
Severity: HIGH (7.5) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Fixed packages
Package name | Branch | Fixed in version | Version from repository | Errata ID | Task # | State |
---|---|---|---|---|---|---|
gnutls30 | sisyphus | 3.8.3-alt1 | 3.8.4-alt1 | ALT-PU-2024-1258-1 | 338392 | Fixed |
gnutls30 | sisyphus_e2k | 3.8.3-alt1 | 3.8.4-alt1 | ALT-PU-2024-1280-1 | - | Fixed |
gnutls30 | sisyphus_riscv64 | 3.8.3-alt1 | 3.8.4-alt1 | ALT-PU-2024-2878-1 | - | Fixed |
gnutls30 | sisyphus_loongarch64 | 3.8.3-alt1 | 3.8.4-alt1 | ALT-PU-2024-1444-1 | - | Fixed |
gnutls30 | p10 | 3.6.16-alt5 | 3.6.16-alt6 | ALT-PU-2024-4754-3 | 343952 | Fixed |
gnutls30 | p10_e2k | 3.6.16-alt5 | 3.6.16-alt6 | ALT-PU-2024-6414-1 | - | Fixed |
gnutls30 | p9 | 3.6.16-alt5 | 3.6.16-alt5 | ALT-PU-2024-4913-2 | 343958 | Fixed |
gnutls30 | c10f1 | 3.6.16-alt5 | 3.6.16-alt5 | ALT-PU-2024-6430-2 | 344988 | Fixed |
gnutls30 | c9f2 | 3.6.16-alt5 | 3.6.16-alt5 | ALT-PU-2024-4977-3 | 344277 | Fixed |
References to Advisories, Solutions, and Tools
Hyperlink | Resource |
---|---|
https://access.redhat.com/security/cve/CVE-2024-0567 | |
RHBZ#2258544 | |
https://gitlab.com/gnutls/gnutls/-/issues/1521 | |
https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html | |
http://www.openwall.com/lists/oss-security/2024/01/19/3 | |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/ | |
RHSA-2024:0533 | |
https://security.netapp.com/advisory/ntap-20240202-0011/ | |
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/ | |
RHSA-2024:1082 | |