[arch-security] [Arch Linux Security Advisory ASA-201411-10] gnutls: out-of-bounds memory write
Levente Polyak
anthraxx at archlinux.org
Wed Nov 12 23:45:10 UTC 2014
Arch Linux Security Advisory ASA-201411-10
==========================================
Severity: Medium
Date : 2014-11-12
CVE-ID : CVE-2014-8564
Package : gnutls
Type : out-of-bounds memory write
Remote : Yes
Link : https://wiki.archlinux.org/index.php/CVE-2014
Summary
=======
The package gnutls before version 3.3.10-1 is vulnerable to
out-of-bounds memory write resulting in denial of service or possibly
code execution.
Resolution
==========
Upgrade to 3.3.10-1.
# pacman -Syu "gnutls>=3.3.10-1"
The problems have been fixed upstream [0] in version 3.3.10.
Workaround
==========
None.
Description
===========
An out-of-bounds memory write flaw was found in the way GnuTLS parsed
certain ECC (Elliptic Curve Cryptography) certificates or certificate
signing requests (CSR) resulting in heap corruption.
Impact
======
A malicious user could create a specially crafted ECC certificate or a
certificate signing request that, when processed by an application
compiled against GnuTLS (for example, certtool), could cause that
application to crash or execute arbitrary code with the permissions of
the user running the application.
References
==========
[0] https://gitorious.org/gnutls/gnutls/commit/e821e19
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8564
http://www.gnutls.org/security.html#GNUTLS-SA-2014-5
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2014-8564
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20141113/8c9c2c35/attachment.bin>
More information about the arch-security
mailing list