Description
A vulnerability was found in GnuTLS, where Cockpit (which uses GnuTLS) rejects a certificate chain with distributed trust. The issue occurs when validating a certificate chain with cockpit-certificate-ensure. The flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.
Reserved 2024-01-16 | Published 2024-01-16 | Updated 2024-11-23 | Assigner redhat
HIGH: 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Problem types
Improper Verification of Cryptographic Signature
Product status
Default status | Version range | Status of range
unaffected | 3.8.0 before 3.8.3 | affected
affected | 0:3.7.6-23.el9_3.3 before * | unaffected
affected | 0:3.7.6-23.el9_3.3 before * | unaffected
affected | 0:3.7.6-21.el9_2.2 before * | unaffected
affected | v4.15.0-37 before * | unaffected
affected | v4.15.0-68 before * | unaffected
affected | v4.15.0-158 before * | unaffected
affected | v4.15.0-39 before * | unaffected
affected | v4.15.0-58 before * | unaffected
affected | v4.15.0-158 before * | unaffected
affected | v4.15.0-13 before * | unaffected
affected | v4.15.0-81 before * | unaffected
affected | v4.15.0-158 before * | unaffected
affected | v4.15.0-79 before * | unaffected
affected | v4.15.0-22 before * | unaffected
affected | v4.15.0-57 before * | unaffected
affected | v4.15.0-6 before * | unaffected
affected | v4.15.0-158 before * | unaffected
affected | v4.15.0-15 before * | unaffected
affected | v4.15.0-15 before * | unaffected
affected | v4.15.0-54 before * | unaffected
affected | v4.15.0-158 before * | unaffected
affected | v4.15.0-10 before * | unaffected
affected | v4.15.0-26 before * | unaffected
affected | v4.15.0-158 before * | unaffected
affected | v4.15.0-19 before * | unaffected
affected | v4.15.0-158 before * | unaffected
affected | v4.15.0-158 before * | unaffected
affected | v4.15.0-21 before * | unaffected
affected | v4.15.0-103 before * | unaffected
affected | v5.8.6-22 before * | unaffected
affected | v5.8.6-11 before * | unaffected
affected | v6.8.1-407 before * | unaffected
affected | v5.8.6-19 before * | unaffected
affected | v1.0.0-479 before * | unaffected
affected | v5.8.6-7 before * | unaffected
affected | v0.4.0-247 before * | unaffected
affected | v5.8.6-5 before * | unaffected
affected | v1.1.0-227 before * | unaffected
affected | v5.8.1-470 before * | unaffected
affected | v2.9.6-14 before * | unaffected
affected | v5.8.6-2 before * | unaffected
affected | v5.8.6-24 before * | unaffected
affected | v5.8.6-10 before * | unaffected
affected | v0.1.0-525 before * | unaffected
affected | v0.1.0-224 before * | unaffected
affected | v0.28.1-56 before * | unaffected
unknown | |
unknown | |
unknown | |
unaffected | |
unaffected | |
unaffected | |
unaffected | |
Timeline
2024-01-16: Reported to Red Hat.
2024-01-16: Made public.
References
access.redhat.com/errata/RHSA-2024:0533 (RHSA-2024:0533) vendor-advisory
access.redhat.com/errata/RHSA-2024:1082 (RHSA-2024:1082) vendor-advisory
access.redhat.com/errata/RHSA-2024:1383 (RHSA-2024:1383) vendor-advisory
access.redhat.com/errata/RHSA-2024:2094 (RHSA-2024:2094) vendor-advisory
access.redhat.com/security/cve/CVE-2024-0567 vdb-entry
bugzilla.redhat.com/show_bug.cgi?id=2258544 (RHBZ#2258544) issue-tracking
gitlab.com/gnutls/gnutls/-/issues/1521
lists.gnupg.org/...mail/gnutls-help/2024-January/004841.html
cve.org (CVE-2024-0567)
nvd.nist.gov (CVE-2024-0567)