A flaw was found in the way GnuTLS parsed session IDs from ServerHello messages of the TLS/SSL handshake. A malicious server could use this flaw to send an excessively long session ID value, which would trigger a buffer overflow in a connecting TLS/SSL client application using GnuTLS, causing the client application to crash or, possibly, execute arbitrary code.
NOTE: The following CVSS v2.0 metrics and score provided are preliminary and subject to review.
|Base Score:||6.8||Base Metrics:||AV:N/AC:M/Au:N/C:P/I:P/A:P|
|Access Vector:||Network||Attack Complexity:||Medium|
|Authentication:||None required||Confidentiality Impact:||Partial|
|Integrity Impact:||Partial||Availability Impact:||Partial|
|Oracle Linux version 5 (gnutls)||ELSA-2014-0594||2014-06-03|
|Oracle Linux version 6 (gnutls)||ELSA-2014-0595||2014-06-03|
|Oracle Linux version 7 (gnutls)||ELSA-2014-0684||2014-07-23|
This page is generated automatically and has not been checked for errors or omissions. For clarification or corrections please contact the Oracle Linux ULN team