Home

CVE-2017-5334

Description

Double free vulnerability in the gnutls_x509_ext_import_proxy function in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via crafted policy language information in an X.509 certificate with a Proxy Certificate Information extension.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
5.592

Associated Vulnerability

VulnerabilityOS Platform
GNU TLS library (USN-2913-4) libgnutls26_2.12.14-5ubuntu3.13_i386.debLinux
GNU TLS library (USN-2913-4) libgnutls26_2.12.14-5ubuntu3.13_amd64.debLinux
GNU TLS library (USN-2913-4) libgnutls26_2.12.23-12ubuntu2.6_i386.debLinux
GNU TLS library (USN-2913-4) libgnutls26_2.12.23-12ubuntu2.6_amd64.debLinux
GNU TLS library (USN-3183-1) libgnutls30_3.5.3-5ubuntu1.1_i386.debLinux
GNU TLS library (USN-3183-1) libgnutls30_3.5.3-5ubuntu1.1_amd64.debLinux
GNU TLS library (USN-3183-1) libgnutls30_3.4.10-4ubuntu1.2_i386.debLinux
GNU TLS library (USN-3183-1) libgnutls30_3.4.10-4ubuntu1.2_amd64.debLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-3.3.26-9.el7.i686.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-3.3.26-9.el7.x86_64.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-c++-3.3.26-9.el7.i686.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-c++-3.3.26-9.el7.x86_64.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-dane-3.3.26-9.el7.i686.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-dane-3.3.26-9.el7.x86_64.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-devel-3.3.26-9.el7.i686.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-devel-3.3.26-9.el7.x86_64.rpmLinux
(RHSA-2017:2292) Moderate: gnutls security, bug fix, and enhancement update gnutls-utils-3.3.26-9.el7.x86_64.rpmLinux
Double Free Vulnerability (CVE-2017-5334)NCM

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234