
Bug 546760 (CVE-2015-3308)

Summary: <net-libs/gnutls-3.3.14: double-free in gnutls (CRL distribution points parsing) (CVE-2015-3308)
Product: Gentoo Security Reporter: Agostino Sarubbo <ago>
Component: Vulnerabilities Assignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: alonbl, crypto+disabled
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://www.openwall.com/lists/oss-security/2015/04/15/6
Whiteboard: A3 [glsa cve]
Package list:
Runtime testing required: ---
Bug Depends on: 548636    
Bug Blocks:    

Description Agostino Sarubbo gentoo-dev 2015-04-16 10:15:59 UTC
From ${URL} :

gnutls 3.3.14 fixes a double-free in parsing CRL distribution points.

It will affect applications which parse CRL distribution points or
print contents of certificates with gnutls-provided functions (e.g.
gnutls_x509_crt_print())

Usually a DoS under modern mem allocators, but creating something more
interesting using double-free exploitation techniques is not out of
the question

changelists:
https://gitlab.com/gnutls/gnutls/commit/d6972be33264ecc49a86cd0958209cd7363af1e9
https://gitlab.com/gnutls/gnutls/commit/053ae65403216acdb0a4e78b25ad66ee9f444f02



@maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.
Comment 1 Alon Bar-Lev (RETIRED) gentoo-dev 2015-04-16 21:46:47 UTC
(In reply to Agostino Sarubbo from comment #0)
> @maintainer(s): since the fixed package is already in the tree, please let
> us know if it is ready for the stabilization or not.

sure, needed anyway.
thanks!
Comment 2 Yury German Gentoo Infrastructure gentoo-dev 2015-06-06 13:59:09 UTC
30+ days, are we ready to go stable?
Comment 3 Alon Bar-Lev (RETIRED) gentoo-dev 2015-06-06 19:12:38 UTC
(In reply to Yury German from comment #2)
> 30+ days, are we ready to go stable?

yes, already replied, do you want me to CC archs?
Comment 4 Kristian Fiskerstrand (RETIRED) gentoo-dev 2015-06-06 19:55:17 UTC
(In reply to Alon Bar-Lev from comment #3)
> (In reply to Yury German from comment #2)
> > 30+ days, are we ready to go stable?
> 
> yes, already replied, do you want me to CC archs?

No, this is handled in bug 548636, hence stable blocked :)
Comment 5 Yury German Gentoo Infrastructure gentoo-dev 2015-06-21 03:18:08 UTC
Added to an existing GLSA Request.

Maintainer(s), please drop the vulnerable version(s).
Comment 6 Alon Bar-Lev (RETIRED) gentoo-dev 2015-06-21 06:40:27 UTC
Done, thanks.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2015-06-22 21:41:16 UTC
This issue was resolved and addressed in
GLSA 201506-03 at https://security.gentoo.org/glsa/201506-03
by GLSA coordinator Kristian Fiskerstrand (K_F).
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2015-07-05 21:44:56 UTC
CVE-2015-3308 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3308):
  ** RESERVED ** This candidate has been reserved by an organization or
  individual that will use it when announcing a new security problem. When the
  candidate has been publicized, the details for this candidate will be
  provided.
  
  ** TEMPORARY **
  gnutls 3.3.14 fixes a double-free in parsing CRL distribution points.
  
  It will affect applications which parse CRL distribution points or
  print contents of certificates with gnutls-provided functions (e.g.
  gnutls_x509_crt_print())