Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bugzilla DB migration completed. Please report issues to Infra team via email via infra@gentoo.org or IRC
Bug 546760 (CVE-2015-3308) - <net-libs/gnutls-3.3.14: double-free in gnutls (CRL distribution points parsing) (CVE-2015-3308)
Summary: <net-libs/gnutls-3.3.14: double-free in gnutls (CRL distribution points parsi...
Status: RESOLVED FIXED
Alias: CVE-2015-3308
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal (vote)
Assignee: Gentoo Security
URL: http://www.openwall.com/lists/oss-sec...
Whiteboard: A3 [glsa cve]
Keywords:
Depends on: 548636
Blocks:
  Show dependency tree
 
Reported: 2015-04-16 10:15 UTC by Agostino Sarubbo
Modified: 2015-07-05 21:45 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2015-04-16 10:15:59 UTC
From ${URL} :

gnutls 3.3.14 fixes a double-free in parsing CRL distribution points.

It will affect applications which parse CRL distribution points or
print contents of certificates with gnutls-provided functions (e.g.
gnutls_x509_crt_print())

Usually a DoS under modern mem allocators, but creating something more
interesting using double-free exploitation techniques is not out of
the question

changelists:
https://gitlab.com/gnutls/gnutls/commit/d6972be33264ecc49a86cd0958209cd7363af1e9
https://gitlab.com/gnutls/gnutls/commit/053ae65403216acdb0a4e78b25ad66ee9f444f02



@maintainer(s): since the fixed package is already in the tree, please let us know if it is ready for the stabilization or not.
Comment 1 Alon Bar-Lev gentoo-dev 2015-04-16 21:46:47 UTC
(In reply to Agostino Sarubbo from comment #0)
> @maintainer(s): since the fixed package is already in the tree, please let
> us know if it is ready for the stabilization or not.

sure, needed anyway.
thanks!
Comment 2 Yury German Gentoo Infrastructure gentoo-dev Security 2015-06-06 13:59:09 UTC
30+ days, are we ready to go stable?
Comment 3 Alon Bar-Lev gentoo-dev 2015-06-06 19:12:38 UTC
(In reply to Yury German from comment #2)
> 30+ days, are we ready to go stable?

yes, already replied, do you want me to CC archs?
Comment 4 Kristian Fiskerstrand gentoo-dev Security 2015-06-06 19:55:17 UTC
(In reply to Alon Bar-Lev from comment #3)
> (In reply to Yury German from comment #2)
> > 30+ days, are we ready to go stable?
> 
> yes, already replied, do you want me to CC archs?

No, this is handled in bug 548636 , hence stable blocked :)
Comment 5 Yury German Gentoo Infrastructure gentoo-dev Security 2015-06-21 03:18:08 UTC
Added to an existing GLSA Request.

Maintainer(s), please drop the vulnerable version(s).
Comment 6 Alon Bar-Lev gentoo-dev 2015-06-21 06:40:27 UTC
Done, thanks.
Comment 7 GLSAMaker/CVETool Bot gentoo-dev 2015-06-22 21:41:16 UTC
This issue was resolved and addressed in
 GLSA 201506-03 at https://security.gentoo.org/glsa/201506-03
by GLSA coordinator Kristian Fiskerstrand (K_F).
Comment 8 GLSAMaker/CVETool Bot gentoo-dev 2015-07-05 21:44:56 UTC
CVE-2015-3308 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-3308):
  ** RESERVED ** This candidate has been reserved by an organization or
  individual that will use it when announcing a new security problem. When the
  candidate has been publicized, the details for this candidate will be
  provided.
  
  ** TEMPORARY **
  gnutls 3.3.14 fixes a double-free in parsing CRL distribution points.
  
  It will affect applications which parse CRL distribution points or
  print contents of certificates with gnutls-provided functions (e.g.
  gnutls_x509_crt_print())