Published: 24/08/2022 Updated: 27/10/2022

CVSS v3 Base Score: 6.5 | Impact Score: 3.6 | Exploitability Score: 2.8

VMScore: 0

A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.

Vulnerable Product	Search on Vulmon	Subscribe to Product
gnu gnutls
redhat enterprise linux 8.0
netapp solidfire \\& hci management node -
netapp active iq unified manager -
netapp hci_bootstrap_os -

Several security issues were fixed in GnuTLS ...

Critical Infrastructure Sectors: Critical Manufacturing

CWE-476 https://gitlab.com/gnutls/gnutls/-/issues/1306 https://access.redhat.com/security/cve/CVE-2021-4209 https://gitlab.com/gnutls/gnutls/-/merge_requests/1503 https://bugzilla.redhat.com/show_bug.cgi?id=2044156 https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568 https://security.netapp.com/advisory/ntap-20220915-0005/https://ubuntu.com/security/notices/USN-5550-1 https://nvd.nist.gov https://www.cisa.gov/news-events/ics-advisories/icsa-23-348-10

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2021-4209

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

ICS Advisories

References

Vulmon Search

About

Products

Connect