Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2024-28835

Summary
Assigner-redhat
Assigner Org ID-53f830b8-0a3f-465b-8143-3b8a9948e749
Published At-21 Mar, 2024 | 06:13
Updated At-21 May, 2025 | 15:18
Rejected At-
Credits

Gnutls: potential crash during chain building/verification

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:redhat
Assigner Org ID:53f830b8-0a3f-465b-8143-3b8a9948e749
Published At:21 Mar, 2024 | 06:13
Updated At:21 May, 2025 | 15:18
Rejected At:
▼CVE Numbering Authority (CNA)
Gnutls: potential crash during chain building/verification

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.

Affected Products
Collection URL
https://gitlab.com/gnutls/gnutls/
Package Name
gnutls
Default Status
unaffected
Versions
Affected
  • 3.8.3
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
gnutls
CPEs
  • cpe:/o:redhat:enterprise_linux:9::baseos
  • cpe:/a:redhat:enterprise_linux:9::appstream
Default Status
affected
Versions
Unaffected
  • From 0:3.7.6-23.el9_3.4 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
gnutls
CPEs
  • cpe:/o:redhat:enterprise_linux:9::baseos
  • cpe:/a:redhat:enterprise_linux:9::appstream
Default Status
affected
Versions
Unaffected
  • From 0:3.8.3-4.el9_4 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
gnutls
CPEs
  • cpe:/o:redhat:enterprise_linux:9::baseos
  • cpe:/a:redhat:enterprise_linux:9::appstream
Default Status
affected
Versions
Unaffected
  • From 0:3.7.6-23.el9_3.4 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
gnutls
CPEs
  • cpe:/o:redhat:enterprise_linux:9::baseos
  • cpe:/a:redhat:enterprise_linux:9::appstream
Default Status
affected
Versions
Unaffected
  • From 0:3.8.3-4.el9_4 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 9.2 Extended Update Support
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
gnutls
CPEs
  • cpe:/o:redhat:rhel_eus:9.2::baseos
  • cpe:/a:redhat:rhel_eus:9.2::appstream
Default Status
affected
Versions
Unaffected
  • From 0:3.7.6-21.el9_2.3 before * (rpm)
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 10
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
gnutls
CPEs
  • cpe:/o:redhat:enterprise_linux:10
Default Status
affected
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 6
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
gnutls
CPEs
  • cpe:/o:redhat:enterprise_linux:6
Default Status
unknown
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 7
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
gnutls
CPEs
  • cpe:/o:redhat:enterprise_linux:7
Default Status
unknown
Vendor
Red Hat, Inc.Red Hat
Product
Red Hat Enterprise Linux 8
Collection URL
https://access.redhat.com/downloads/content/package-browser/
Package Name
gnutls
CPEs
  • cpe:/o:redhat:enterprise_linux:8
Default Status
unaffected
Problem Types
TypeCWE IDDescription
CWECWE-248Uncaught Exception
Type: CWE
CWE ID: CWE-248
Description: Uncaught Exception
Metrics
VersionBase scoreBase severityVector
3.15.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 5.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Metrics Other Info
Red Hat severity rating
value:
Moderate
namespace:
https://access.redhat.com/security/updates/classification/
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

Exploits
Credits
Timeline
EventDate
Reported to Red Hat.2024-03-11 00:00:00
Made public.2024-03-21 00:00:00
Event: Reported to Red Hat.
Date: 2024-03-11 00:00:00
Event: Made public.
Date: 2024-03-21 00:00:00
Replaced By
Rejected Reason
References
HyperlinkResource
https://access.redhat.com/errata/RHSA-2024:1879
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2570
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2024:2889
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/security/cve/CVE-2024-28835
vdb-entry
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2269084
issue-tracking
x_refsource_REDHAT
https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2024:1879
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2024:2570
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/errata/RHSA-2024:2889
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://access.redhat.com/security/cve/CVE-2024-28835
Resource:
vdb-entry
x_refsource_REDHAT
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2269084
Resource:
issue-tracking
x_refsource_REDHAT
Hyperlink: https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
Resource: N/A
▼Authorized Data Publishers (ADP)
1. CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
2. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://www.openwall.com/lists/oss-security/2024/03/22/1
x_transferred
http://www.openwall.com/lists/oss-security/2024/03/22/2
x_transferred
https://access.redhat.com/errata/RHSA-2024:1879
vendor-advisory
x_refsource_REDHAT
x_transferred
https://access.redhat.com/errata/RHSA-2024:2570
vendor-advisory
x_refsource_REDHAT
x_transferred
https://access.redhat.com/errata/RHSA-2024:2889
vendor-advisory
x_refsource_REDHAT
x_transferred
https://access.redhat.com/security/cve/CVE-2024-28835
vdb-entry
x_refsource_REDHAT
x_transferred
https://bugzilla.redhat.com/show_bug.cgi?id=2269084
issue-tracking
x_refsource_REDHAT
x_transferred
https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
x_transferred
https://security.netapp.com/advisory/ntap-20241122-0009/
N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2024/03/22/1
Resource:
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2024/03/22/2
Resource:
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2024:1879
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2024:2570
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2024:2889
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://access.redhat.com/security/cve/CVE-2024-28835
Resource:
vdb-entry
x_refsource_REDHAT
x_transferred
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2269084
Resource:
issue-tracking
x_refsource_REDHAT
x_transferred
Hyperlink: https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
Resource:
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20241122-0009/
Resource: N/A
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:secalert@redhat.com
Published At:21 Mar, 2024 | 06:15
Updated At:22 Nov, 2024 | 12:15

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the "certtool --verify-chain" command.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.15.0MEDIUM
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 5.0
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-248Secondarysecalert@redhat.com
CWE ID: CWE-248
Type: Secondary
Source: secalert@redhat.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://access.redhat.com/errata/RHSA-2024:1879secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2024:2570secalert@redhat.com
N/A
https://access.redhat.com/errata/RHSA-2024:2889secalert@redhat.com
N/A
https://access.redhat.com/security/cve/CVE-2024-28835secalert@redhat.com
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=2269084secalert@redhat.com
N/A
https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.htmlsecalert@redhat.com
N/A
http://www.openwall.com/lists/oss-security/2024/03/22/1af854a3a-2127-422b-91ae-364da2661108
N/A
http://www.openwall.com/lists/oss-security/2024/03/22/2af854a3a-2127-422b-91ae-364da2661108
N/A
https://access.redhat.com/errata/RHSA-2024:1879af854a3a-2127-422b-91ae-364da2661108
N/A
https://access.redhat.com/errata/RHSA-2024:2570af854a3a-2127-422b-91ae-364da2661108
N/A
https://access.redhat.com/errata/RHSA-2024:2889af854a3a-2127-422b-91ae-364da2661108
N/A
https://access.redhat.com/security/cve/CVE-2024-28835af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.redhat.com/show_bug.cgi?id=2269084af854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
https://security.netapp.com/advisory/ntap-20241122-0009/af854a3a-2127-422b-91ae-364da2661108
N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2024:1879
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2024:2570
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2024:2889
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://access.redhat.com/security/cve/CVE-2024-28835
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2269084
Source: secalert@redhat.com
Resource: N/A
Hyperlink: https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
Source: secalert@redhat.com
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2024/03/22/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2024/03/22/2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2024:1879
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2024:2570
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://access.redhat.com/errata/RHSA-2024:2889
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://access.redhat.com/security/cve/CVE-2024-28835
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.redhat.com/show_bug.cgi?id=2269084
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://security.netapp.com/advisory/ntap-20241122-0009/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

5Records found
CVE-2024-2496
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-5||MEDIUM
EPSS-0.04% / 9.49%
||
7 Day CHG~0.00%
Published-18 Mar, 2024 | 12:54
Updated-04 Aug, 2025 | 05:21
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libvirt: null pointer dereference in udevconnectlistallinterfaces()

A NULL pointer dereference flaw was found in the udevConnectListAllInterfaces() function in libvirt. This issue can occur when detaching a host interface while at the same time collecting the list of interfaces via virConnectListAllInterfaces API. This flaw could be used to perform a denial of service attack by causing the libvirt daemon to crash.

Action-Not Available
Vendor-Red Hat, Inc.
Product-Red Hat Enterprise Linux 7Red Hat Enterprise Linux 6Red Hat Enterprise Linux 9Red Hat Enterprise Linux 8 Advanced VirtualizationRed Hat Enterprise Linux 8
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2025-5917
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-2.8||LOW
EPSS-0.01% / 1.91%
||
7 Day CHG~0.00%
Published-09 Jun, 2025 | 19:49
Updated-15 Aug, 2025 | 18:22
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Libarchive: off by one error in build_ustar_entry_name() at archive_write_set_format_pax.c

A vulnerability has been identified in the libarchive library. This flaw involves an 'off-by-one' miscalculation when handling prefixes and suffixes for file names. This can lead to a 1-byte write overflow. While seemingly small, such an overflow can corrupt adjacent memory, leading to unpredictable program behavior, crashes, or in specific circumstances, could be leveraged as a building block for more sophisticated exploitation.

Action-Not Available
Vendor-libarchiveRed Hat, Inc.
Product-libarchiveenterprise_linuxopenshift_container_platformRed Hat Enterprise Linux 8Red Hat Enterprise Linux 10Red Hat Enterprise Linux 6Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat OpenShift Container Platform 4
CWE ID-CWE-787
Out-of-bounds Write
CVE-2024-11738
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-5.3||MEDIUM
EPSS-1.03% / 76.35%
||
7 Day CHG-0.23%
Published-06 Dec, 2024 | 14:54
Updated-29 Jul, 2025 | 19:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rustls: rustls network-reachable panic in `acceptor::accept`

A flaw was found in Rustls 0.23.13 and related APIs. This vulnerability allows denial of service (panic) via a fragmented TLS ClientHello message.

Action-Not Available
Vendor-rustls_projectRed Hat, Inc.
Product-rustlsRed Hat Trusted Artifact Signer
CWE ID-CWE-248
Uncaught Exception
CVE-2025-3891
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.43% / 61.41%
||
7 Day CHG~0.00%
Published-29 Apr, 2025 | 11:56
Updated-06 Aug, 2025 | 04:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mod_auth_openidc: dos via empty post in mod_auth_openidc with oidcpreservepost enabled

A flaw was found in the mod_auth_openidc module for Apache httpd. This flaw allows a remote, unauthenticated attacker to trigger a denial of service by sending an empty POST request when the OIDCPreservePost directive is enabled. The server crashes consistently, affecting availability.

Action-Not Available
Vendor-The Apache Software FoundationDebian GNU/LinuxRed Hat, Inc.
Product-http_serverdebian_linuxenterprise_linuxRed Hat Enterprise Linux 10Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 9.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat Enterprise Linux 9Red Hat Enterprise Linux 9.0 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.4 Extended Update SupportRed Hat Enterprise Linux 7Red Hat Enterprise Linux 8.6 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.6 Telecommunications Update ServiceRed Hat Enterprise Linux 8
CWE ID-CWE-248
Uncaught Exception
CVE-2023-3966
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.15% / 35.68%
||
7 Day CHG~0.00%
Published-22 Feb, 2024 | 12:15
Updated-16 May, 2025 | 14:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.

Action-Not Available
Vendor-openvswitchRDOn/aFedora ProjectRed Hat, Inc.
Product-openvswitchfedoraFast Datapath for RHEL 9Red Hat OpenShift Container Platform 3.11openvswitchOpenStack RDOFast Datapath for RHEL 7Red Hat Enterprise Linux 7FedoraFast Datapath for RHEL 8
CWE ID-CWE-248
Uncaught Exception
Details not found