Vigil@nce - GnuTLS: double memory free via Certificate List
May 2012 by Vigil@nce
This bulletin was written by Vigil@nce : http://vigilance.fr/offer
SYNTHESIS OF THE VULNERABILITY
An attacker can use a malformed certificate list, in order to
generate a double memory free in GnuTLS, leading to a denial of
service or to code execution.
Severity: 2/4
Creation date: 15/05/2012
IMPACTED PRODUCTS
– openSUSE
– Unix - plateform
DESCRIPTION OF THE VULNERABILITY
The GnuTLS library implements SSL/TLS.
A list of X.509 certificates for example indicates the
certification list from a root authority.
When a certificate list is malformed, GnuTLS detects the error,
but a memory area is freed twice.
An attacker can therefore use a malformed certificate list, in
order to generate a double memory free in GnuTLS, leading to a
denial of service or to code execution.
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
http://vigilance.fr/vulnerability/GnuTLS-double-memory-free-via-Certificate-List-11630