Gnutls: gnutls impacted by inefficient der decoding in libtasn1 leading to remote dos
Summary
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition. Affected products named by the advisory: Red Hat Enterprise Linux 8; Red Hat Enterprise Linux 9; Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions; Red Hat Enterprise Linux 9.4 Extended Update Support; and 3 more. Affected products named by the advisory: Red Hat Discovery 1.14; Red Hat Enterprise Linux 10; Red Hat OpenShift Container Platform 4.
- 3.7.0
- 3.8.0
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
- 3.6.16
- 3.7.11
- 3.8.8
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Mitigation
Mitigation steps weren't captured by the parser for this advisory — this is a parsing gap, not a statement that no fix exists. Read the vendor advisory below for the authoritative guidance.
Official advisory · high-confidence parse· fetched 2 hours ago·verify at source
Discussion(0)
No comments yet. Share field notes, upgrade gotchas, or questions — verify against the vendor advisory before acting on community advice.
Sign in to join the discussion.