925120 – (CVE-2024-26130) <dev-python/cryptography-42.0.4: null-pointer-dereference and segfault that could occur when creating a PKCS#12 bundle

Bug 925120 (CVE-2024-26130) - <dev-python/cryptography-42.0.4: null-pointer-dereference and segfault that could occur when creating a PKCS#12 bundle

Summary: <dev-python/cryptography-42.0.4: null-pointer-dereference and segfault that c...

Status:	IN_PROGRESS

Alias:	CVE-2024-26130

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	B3 [stable]
Keywords:

Depends on:	925119 925173
Blocks:
	Show dependency tree

Reported:	2024-02-21 04:26 UTC by Michał Górny
Modified:	2024-02-21 13:19 UTC (History)
CC List:	2 users (show)

See Also:	https://github.com/pyca/cryptography/issues/10422
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Michał Górny archtester

2024-02-21 04:26:10 UTC

+* Fixed a null-pointer-dereference and segfault that could occur when creating
+  a PKCS#12 bundle. Credit to **Alexander-Programming** for reporting the
+  issue. **CVE-2024-26130**

Comment 1 John Helmert III archtester

2024-02-21 04:31:26 UTC

Thanks!