VDB
GCVE-110-MAGEIA-2014-248
GCVE-110-MAGEIA-2014-248
Advisory Published
Updated gnutls packages fix security vulnerabilities:
A NULL pointer dereference flaw was discovered in GnuTLS's
gnutls_x509_dn_oid_name(). The function, when called with the
GNUTLS_X509_DN_OID_RETURN_OID flag, should not return NULL to its caller.
However, it could previously return NULL when parsed X.509 certificates
included specific OIDs (CVE-2014-3465).
A flaw was found in the way GnuTLS parsed session ids from Server Hello
packets of the TLS/SSL handshake. A malicious server could use this flaw to
send an excessively long session id value and trigger a buffer overflow in a
connecting TLS/SSL client using GnuTLS, causing it to crash or, possibly,
execute arbitrary code (CVE-2014-3466).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | gnutls | 0 (affected), 3.1.16-1.3.mga3 (unaffected) | — |
| Mageia | gnutls | 0 (affected), 3.2.7-1.3.mga4 (unaffected) | — |
Aliases
Browse GCVE Records
73,196 records in the GCVE database · Updated July 17, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.