VDB
DEBIAN-CVE-2024-12243
DEBIAN-CVE-2024-12243
PUBLISHED
CVSS 5.300000190734863 MEDIUM
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.
Risk Scores
CVSS 3.1
5.300000190734863
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Debian:12 | gnutls28 | 0, 0, 3.7.9-2 |
| Debian:13 | gnutls28 | 0, 0, 0 |
| Debian:14 | gnutls28 | 0, 0, 0 |
| Debian:11 | gnutls28 | 3.7.1-5+deb11u3, 3.7.1-5+deb11u6, * |
Timeline
- Feb 10, 2025 CVE Published
- Apr 28, 2026 CVE Updated