CVE-2024-0567

GnuTLS: rejects certificate chain with distributed trust

Published: 1/16/2024 Last updated: 6/2/2025 Reserved: 1/16/2024

A vulnerability was found in GnuTLS, where Cockpit (which uses GnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial-of-service attack.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

| Version | Score | Severity | Vector String |
| --- | --- | --- | --- |
| 3.1 | 7.5 | High | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |

Opam packages affected (5)

conf-gnutls conf-mingw-w64-gnutls-i686 conf-mingw-w64-gnutls-x86_64 conf-srt conf-srt-gnutls

Products affected (49)

| Product | Vendor | Version |
| --- | --- | --- |
| Red Hat Enterprise Linux 7 | Red Hat | 2.5.3 |
| Red Hat Enterprise Linux 9 | Red Hat | n/a |
| Red Hat OpenShift Container Platform 3.11 | Red Hat | n/a |
| Red Hat Enterprise Linux 9.2 Extended Update Support | Red Hat | <= versions 33 and prior |
| Red Hat Enterprise Linux 6 | Red Hat | 2.5.2 |
| Red Hat Enterprise Linux 9 | Red Hat | <= versions 33 and prior |
| Red Hat Enterprise Linux 9 | Red Hat | <= versions 33 and prior |
|  |  | < 1.0.1 |
| Red Hat Enterprise Linux 8 | Red Hat | < 10.0.17763.5329 |
| Red Hat Enterprise Linux 7 | Red Hat | < 17.4R3-S3 |
| RHODF-4.15-RHEL-9 | Red Hat | < 10.0.14393.5291 |
| RHODF-4.15-RHEL-9 | Red Hat | n/a |
| RHODF-4.15-RHEL-9 | Red Hat | < 10.0.14393.5291 |
| RHODF-4.15-RHEL-9 | Red Hat | 4.6.5.16370 |
| RHODF-4.15-RHEL-9 | Red Hat | n/a |
| RHODF-4.15-RHEL-9 | Red Hat | < 10.0.19041.1348 |
| RHODF-4.15-RHEL-9 | Red Hat | n/a |
| RHODF-4.15-RHEL-9 | Red Hat | < 18.3R3-S5 |
| RHODF-4.15-RHEL-9 | Red Hat | < 19.1R3-S7 |
| RHODF-4.15-RHEL-9 | Red Hat | < 06ee04a907d64ee3910fecedd05d7f1be4b1b70e |
| RHODF-4.15-RHEL-9 | Red Hat | < 19.4R3-S3 |
| RHODF-4.15-RHEL-9 | Red Hat | < 20.1R3 |
| RHODF-4.15-RHEL-9 | Red Hat | n/a |
| RHODF-4.15-RHEL-9 | Red Hat | < 20.4R2-EVO |
| RHODF-4.15-RHEL-9 | Red Hat | <= 6.1.* |
| RHODF-4.15-RHEL-9 | Red Hat | Android-10 |
| RHODF-4.15-RHEL-9 | Red Hat | < d237c7d06ffddcdb5d36948c527dc01284388218 |
| RHODF-4.15-RHEL-9 | Red Hat | <= 0.18.3 |
| RHODF-4.15-RHEL-9 | Red Hat | <= 1.0.1 |
| RHODF-4.15-RHEL-9 | Red Hat | < 8a3995a3ffeca280a961b59f5c99843d81b15929 |
| RHODF-4.15-RHEL-9 | Red Hat | < 1.6.0 |
| RHODF-4.15-RHEL-9 | Red Hat | n/a |
| RHODF-4.15-RHEL-9 | Red Hat | <= 4.19.* |
| RHODF-4.15-RHEL-9 | Red Hat | <= latest |
| RHODF-4.15-RHEL-9 | Red Hat | < 347f1793b573466424c550f2748ed837b6690fe7 |
| RHODF-4.15-RHEL-9 | Red Hat | < f8926e2d2225eb7b7e11cd3fa266aaad9075b767 |
| RHOL-5.8-RHEL-9 | Red Hat | n/a |
| RHOL-5.8-RHEL-9 | Red Hat | 5.0 |
| RHOL-5.8-RHEL-9 | Red Hat | < 5.0 |
| RHOL-5.8-RHEL-9 | Red Hat | 9.14.9 through versions 9.14.12 |
| RHOL-5.8-RHEL-9 | Red Hat | <= 2.5.1 |
| RHOL-5.8-RHEL-9 | Red Hat | < 10.0.17763.4974 |
| RHOL-5.8-RHEL-9 | Red Hat | n/a |
| RHOL-5.8-RHEL-9 | Red Hat | 5.2 |
| RHOL-5.8-RHEL-9 | Red Hat | 5.4 |
| RHOL-5.8-RHEL-9 | Red Hat | >= 3.0.0, < 3.7.0 |
| RHOL-5.8-RHEL-9 | Red Hat | < 3.4.0 |
| RHOL-5.8-RHEL-9 | Red Hat | n/a |
| RHOL-5.8-RHEL-9 | Red Hat | Moodle 3.x |

References (20)