CVE-2019-3836
Description
It was discovered in gnutls before version 3.6.7 upstream that there is an uninitialized pointer access in gnutls versions 3.6.3 or later which can be triggered by certain post-handshake messages.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
0.362
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| GNU TLS library (USN-3999-1) libgnutls30_3.6.4-2ubuntu1.2_i386.deb | Linux |
| GNU TLS library (USN-3999-1) libgnutls30_3.6.4-2ubuntu1.2_amd64.deb | Linux |
| GNU TLS library (USN-3999-1) libgnutls30_3.6.5-2ubuntu1.1_i386.deb | Linux |
| GNU TLS library (USN-3999-1) libgnutls30_3.6.5-2ubuntu1.1_amd64.deb | Linux |
| GNU TLS library (USN-3999-1) libgnutls30_3.4.10-4ubuntu1.5_i386.deb | Linux |
| GNU TLS library (USN-3999-1) libgnutls30_3.4.10-4ubuntu1.5_amd64.deb | Linux |
| GNU TLS library (USN-3999-1) libgnutls30_3.5.18-1ubuntu1.1_i386.deb | Linux |
| GNU TLS library (USN-3999-1) libgnutls30_3.5.18-1ubuntu1.1_amd64.deb | Linux |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234