Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 740390 (CVE-2020-24659) - <net-libs/gnutls-3.6.15: Null-pointer deref in TLS 1.3 client (CVE-2020-24659)
Summary: <net-libs/gnutls-3.6.15: Null-pointer deref in TLS 1.3 client (CVE-2020-24659)
Status: RESOLVED FIXED
Alias: CVE-2020-24659
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://gitlab.com/gnutls/gnutls/-/is...
Whiteboard: A3 [glsa+ cve]
Keywords:
Depends on:
Blocks:
 
Reported: 2020-09-04 14:51 UTC by Sam James
Modified: 2020-09-18 12:37 UTC (History)
1 user (show)

See Also:
Package list:
net-libs/gnutls-3.6.15
Runtime testing required: ---
nattka: sanity-check+

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-09-04 14:51:32 UTC 
Description:
"An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application's error handling path, where the gnutls_deinit function is called after detecting a handshake failure."

Advisory: https://www.gnutls.org/security-new.html#GNUTLS-SA-2020-09-04
Comment 1 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-09-04 14:56:45 UTC 
Please bump to 3.6.15.
Comment 2 Larry the Git Cow gentoo-dev 2020-09-04 16:14:21 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=807088725f04adee3a1e0ed9a8b41d8d647262b3

commit 807088725f04adee3a1e0ed9a8b41d8d647262b3
Author:     Thomas Deutschmann <whissi@gentoo.org>
AuthorDate: 2020-09-04 15:28:14 +0000
Commit:     Thomas Deutschmann <whissi@gentoo.org>
CommitDate: 2020-09-04 16:13:47 +0000

    net-libs/gnutls: bump to v3.6.15
    
    Bug: https://bugs.gentoo.org/649396
    Bug: https://bugs.gentoo.org/711104
    Bug: https://bugs.gentoo.org/740390
    Package-Manager: Portage-3.0.4, Repoman-3.0.1
    Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>

 net-libs/gnutls/Manifest                           |   1 +
 .../gnutls-3.6.15-skip-dtls-seccomp-tests.patch    |  26 ++++
 net-libs/gnutls/gnutls-3.6.15.ebuild               | 134 +++++++++++++++++++++
 3 files changed, 161 insertions(+)
Comment 3 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-09-04 16:52:38 UTC 
Thanks. Let us know when ready to stable.
Comment 4 Thomas Deutschmann (RETIRED) gentoo-dev 2020-09-05 21:16:56 UTC 
x86 stable
Comment 5 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-09-05 22:39:38 UTC 
amd64 done
Comment 6 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-09-05 22:45:02 UTC 
arm64 done
Comment 7 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-09-06 00:20:53 UTC 
arm done
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2020-09-06 00:27:52 UTC 
This issue was resolved and addressed in
 GLSA 202009-01 at https://security.gentoo.org/glsa/202009-01
by GLSA coordinator Thomas Deutschmann (whissi).
Comment 9 Thomas Deutschmann (RETIRED) gentoo-dev 2020-09-06 00:29:09 UTC 
Re-opening for remaining architectures.
Comment 10 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-09-06 00:31:09 UTC 
arm done
Comment 11 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-09-06 14:35:44 UTC 
ppc, ppc64 stable
Comment 12 Rolf Eike Beer archtester 2020-09-09 21:04:14 UTC 
hppa stable
Comment 13 Agostino Sarubbo gentoo-dev 2020-09-18 08:05:59 UTC 
sparc stable
Comment 14 Agostino Sarubbo gentoo-dev 2020-09-18 08:12:11 UTC 
s390 stable.

Maintainer(s), please cleanup.
Comment 15 Larry the Git Cow gentoo-dev 2020-09-18 10:30:16 UTC 
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5d7af8385b56e3b113c42f2f01db52d90bdb650f

commit 5d7af8385b56e3b113c42f2f01db52d90bdb650f
Author:     Lars Wendler <polynomial-c@gentoo.org>
AuthorDate: 2020-09-18 10:11:07 +0000
Commit:     Lars Wendler <polynomial-c@gentoo.org>
CommitDate: 2020-09-18 10:30:04 +0000

    net-libs/gnutls: Security cleanup
    
    Bug: https://bugs.gentoo.org/740390
    Package-Manager: Portage-3.0.7, Repoman-3.0.1
    Signed-off-by: Lars Wendler <polynomial-c@gentoo.org>

 net-libs/gnutls/Manifest             |   1 -
 net-libs/gnutls/gnutls-3.6.14.ebuild | 132 -----------------------------------
 2 files changed, 133 deletions(-)