CVE-2008-2377 - Vulnerability Details - OpenCVE

Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5 through 2.4.0 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via TLS transmission of data that is improperly used when the peer calls gnutls_handshake within a normal session, leading to attempted access to a deallocated libgcrypt handle.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity High

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

This CVE is not in the KEV list.

The EPSS score is 0.12134.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

n/a

n/a

affected

Version	Status	Constraints
`n/a`	affected	—

Configuration 1 [-]

OR	cpe:2.3:a:gnu:gnutls:2.3.5:::::::*
	cpe:2.3:a:gnu:gnutls:2.3.6:::::::*
	cpe:2.3:a:gnu:gnutls:2.3.7:::::::*
	cpe:2.3:a:gnu:gnutls:2.3.8:::::::*
	cpe:2.3:a:gnu:gnutls:2.3.9:::::::*
	cpe:2.3:a:gnu:gnutls:2.4.0:::::::*

No data.

No data.

Project Subscriptions

Vendors	Products
Gnu Subscribe	Gnutls Subscribe

Advisories

No advisories yet.

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2947
http://secunia.com/advisories/31505
http://www.gnu.org/software/gnutls/security.html
http://www.nabble.com/Details-on-the-gnutls_handshake-local-crash-problem--GNUTLS-SA-2008-2--td18205022.html
http://www.securityfocus.com/bid/30713
http://www.vupen.com/english/advisories/2008/2398
https://exchange.xforce.ibmcloud.com/vulnerabilities/44486
https://issues.rpath.com/browse/RPL-2650

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2008-08-08T19:00:00.000Z

Updated: 2024-08-07T08:58:02.218Z

Reserved: 2008-05-21T00:00:00.000Z

Link: CVE-2008-2377

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2008-08-08T19:41:00.000

Modified: 2025-04-09T00:30:58.490

Link: CVE-2008-2377

Redhat

No data.

OpenCVE Enrichment

No data.

Weaknesses

CWE-119

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-06-30T00:00:00.000Z", "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5 through 2.4.0 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via TLS transmission of data that is improperly used when the peer calls gnutls_handshake within a normal session, leading to attempted access to a deallocated libgcrypt handle."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-07T12:57:01.000Z", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "[gnutls-devel] 20080630 GnuTLS 2.4.1", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2947"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://issues.rpath.com/browse/RPL-2650"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.gnu.org/software/gnutls/security.html"}, {"name": "[gnutls-devel] 20080630 Details on the gnutls_handshake local crash problem [GNUTLS-SA-2008-2]", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.nabble.com/Details-on-the-gnutls_handshake-local-crash-problem--GNUTLS-SA-2008-2--td18205022.html"}, {"name": "ADV-2008-2398", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2398"}, {"name": "30713", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/30713"}, {"name": "gnutls-gnutlshandshake-code-execution(44486)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44486"}, {"name": "31505", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/31505"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T08:58:02.218Z"}, "title": "CVE Program Container", "references": [{"name": "[gnutls-devel] 20080630 GnuTLS 2.4.1", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2947"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://issues.rpath.com/browse/RPL-2650"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.gnu.org/software/gnutls/security.html"}, {"name": "[gnutls-devel] 20080630 Details on the gnutls_handshake local crash problem [GNUTLS-SA-2008-2]", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.nabble.com/Details-on-the-gnutls_handshake-local-crash-problem--GNUTLS-SA-2008-2--td18205022.html"}, {"name": "ADV-2008-2398", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2398"}, {"name": "30713", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/30713"}, {"name": "gnutls-gnutlshandshake-code-execution(44486)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44486"}, {"name": "31505", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/31505"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2008-2377", "datePublished": "2008-08-08T19:00:00.000Z", "dateReserved": "2008-05-21T00:00:00.000Z", "dateUpdated": "2024-08-07T08:58:02.218Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:gnutls:2.3.5:*:*:*:*:*:*:*", "matchCriteriaId": "C51E0C88-B19C-408D-AC17-10CE7462D48A", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gnutls:2.3.6:*:*:*:*:*:*:*", "matchCriteriaId": "7A7FBFAA-263C-4B7B-A135-9824DFD8CCDA", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gnutls:2.3.7:*:*:*:*:*:*:*", "matchCriteriaId": "2AC41482-B3BC-4C93-A850-73A179BAB763", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gnutls:2.3.8:*:*:*:*:*:*:*", "matchCriteriaId": "ADC80BE1-28A6-4348-A061-8FD9C805E945", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gnutls:2.3.9:*:*:*:*:*:*:*", "matchCriteriaId": "9D8EF703-AE06-4DD7-9235-2D8CCDB24F96", "vulnerable": true}, {"criteria": "cpe:2.3:a:gnu:gnutls:2.4.0:*:*:*:*:*:*:*", "matchCriteriaId": "AFB33002-E5C6-4573-BC94-647DDE4E6F89", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Use-after-free vulnerability in the _gnutls_handshake_hash_buffers_clear function in lib/gnutls_handshake.c in libgnutls in GnuTLS 2.3.5 through 2.4.0 allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via TLS transmission of data that is improperly used when the peer calls gnutls_handshake within a normal session, leading to attempted access to a deallocated libgcrypt handle."}, {"lang": "es", "value": "Vulnerabilidad de uso despu\u00e9s de liberaci\u00f3n en la funci\u00f3n _gnutls_handshake_hash_buffers_clear de lib/gnutls_handshake.c en libgnutls de GnuTLS 2.3.5 hasta 2.4.0 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (caida) o posiblemente ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de transmisiones TLS de datos que no son usadas apropiadamente cuando las llamadas pares gnutls_handshake dentro de una sesi\u00f3n normal, conducen a intentos de acceso a manejadores libgcrypt no asignados."}], "id": "CVE-2008-2377", "lastModified": "2025-04-09T00:30:58.490", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "HIGH", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.6, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:H/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 4.9, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2008-08-08T19:41:00.000", "references": [{"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2947"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/31505"}, {"source": "secalert@redhat.com", "url": "http://www.gnu.org/software/gnutls/security.html"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://www.nabble.com/Details-on-the-gnutls_handshake-local-crash-problem--GNUTLS-SA-2008-2--td18205022.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/30713"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2008/2398"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44486"}, {"source": "secalert@redhat.com", "url": "https://issues.rpath.com/browse/RPL-2650"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://article.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/2947"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/31505"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gnu.org/software/gnutls/security.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.nabble.com/Details-on-the-gnutls_handshake-local-crash-problem--GNUTLS-SA-2008-2--td18205022.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/30713"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2008/2398"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44486"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://issues.rpath.com/browse/RPL-2650"}], "sourceIdentifier": "secalert@redhat.com", "vendorComments": [{"comment": "Not vulnerable. This issue did not affect the versions of gnutls as shipped with Red Hat Enterprise Linux 4, or 5.", "lastModified": "2008-08-11T00:00:00", "organization": "Red Hat"}], "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-119"}], "source": "nvd@nist.gov", "type": "Primary"}]}