1176181 – (CVE-2020-24659) VUL-0: CVE-2020-24659: gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent

Bug 1176181 (CVE-2020-24659) - VUL-0: CVE-2020-24659: gnutls: Heap buffer overflow in handshake with no_renegotiation alert sent

Summary: VUL-0: CVE-2020-24659: gnutls: Heap buffer overflow in handshake with no_rene...

Status:	RESOLVED FIXED

Alias:	CVE-2020-24659

Product:	SUSE Security Incidents
Classification:	Novell Products
Component:	Incidents (show other bugs)
Version:	unspecified
Hardware:	Other Other

Priority:	P3 - Medium Severity: Normal
Target Milestone:	---
Assignee:	Security Team bot
QA Contact:	Security Team bot

URL:	https://smash.suse.de/issue/266770/
Whiteboard:	CVSSv3.1:SUSE:CVE-2020-24659:5.9:(AV:...
Keywords:

Depends on:
Blocks:

Clone This Bug

Reported:	2020-09-04 16:01 UTC by Marcus Meissner
Modified:	2024-04-08 13:52 UTC (History)
CC List:	2 users (show)

See Also:
Found By:	Security Response Team
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Marcus Meissner 2020-09-04 16:01:59 UTC

A flaw was found in Gnutls. The server can trigger the client to run into heap buffer overflow if a no_renegotiation alert is sent in an unexpected timing. That may cause the client to crash at the session deinitialization timing.

Upstream issue:

https://gitlab.com/gnutls/gnutls/-/issues/1071

Comment 3 Vítězslav Čížek 2020-09-18 15:38:10 UTC

According to upstream advisory (https://gnutls.org/security-new.html#GNUTLS-SA-2020-09-04) this affects TLS 1.3 clients, so older distributions shouldn't be affected.

Comment 4 Swamp Workflow Management 2020-10-06 13:14:42 UTC

SUSE-SU-2020:2864-1: An update that solves one vulnerability and has two fixes is now available.

Category: security (moderate)
Bug References: 1176086,1176181,1176671
CVE References: CVE-2020-24659
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Basesystem 15-SP2 (src):    gnutls-3.6.7-14.4.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 5 Swamp Workflow Management 2020-10-21 19:13:50 UTC

SUSE-SU-2020:2988-1: An update that solves one vulnerability and has two fixes is now available.

Category: security (moderate)
Bug References: 1176086,1176181,1176671
CVE References: CVE-2020-24659
JIRA References: 
Sources used:
SUSE Linux Enterprise Server for SAP 15 (src):    gnutls-3.6.7-6.34.1
SUSE Linux Enterprise Server 15-LTSS (src):    gnutls-3.6.7-6.34.1
SUSE Linux Enterprise Module for Basesystem 15-SP1 (src):    gnutls-3.6.7-6.34.1
SUSE Linux Enterprise High Performance Computing 15-LTSS (src):    gnutls-3.6.7-6.34.1
SUSE Linux Enterprise High Performance Computing 15-ESPOS (src):    gnutls-3.6.7-6.34.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 6 Swamp Workflow Management 2020-10-25 02:14:34 UTC

openSUSE-SU-2020:1724-1: An update that solves one vulnerability and has two fixes is now available.

Category: security (moderate)
Bug References: 1176086,1176181,1176671
CVE References: CVE-2020-24659
JIRA References: 
Sources used:
openSUSE Leap 15.1 (src):    gnutls-3.6.7-lp151.2.21.1

Comment 7 Swamp Workflow Management 2020-10-26 14:14:56 UTC

openSUSE-SU-2020:1743-1: An update that solves one vulnerability and has two fixes is now available.

Category: security (moderate)
Bug References: 1176086,1176181,1176671
CVE References: CVE-2020-24659
JIRA References: 
Sources used:
openSUSE Leap 15.2 (src):    gnutls-3.6.7-lp152.9.3.2

Comment 8 Alexandros Toptsoglou 2020-10-27 15:22:36 UTC

DONE

Comment 9 Swamp Workflow Management 2022-07-14 18:50:53 UTC

SUSE-SU-2020:2864-2: An update that solves one vulnerability and has two fixes is now available.

Category: security (moderate)
Bug References: 1176086,1176181,1176671
CVE References: CVE-2020-24659
JIRA References: 
Sources used:
SUSE Linux Enterprise Module for Certifications 15-SP3 (src):    gnutls-3.6.7-14.4.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.