CVE-2020-24659
Severity
7.5HIGH
EPSS
3.6%
top 12.16%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 4
Latest updateMay 24
Description
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure.
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 3.9 | Impact: 3.6
Affected Packages3 packages
Also affects: Fedora 32, 33, Ubuntu Linux 20.04
🔴Vulnerability Details
3📋Vendor Advisories
4Microsoft▶
An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing and then an invalid seco↗2020-09-08
Debian▶
CVE-2020-24659: gnutls28 - An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL poi...↗2020
💬Community
4Bugzilla▶
CVE-2020-24659 gnutls30: gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent [epel-6]↗2020-09-04
Bugzilla▶
CVE-2020-24659 mingw-gnutls: gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent [fedora-all]↗2020-09-04
Bugzilla▶
CVE-2020-24659 gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent [fedora-all]↗2020-09-04
Bugzilla▶
CVE-2020-24659 gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent↗2020-08-24