CVE-2020-24659 – An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer deref …

4 September 2020

Vuln ID: CVE-2020-24659

Published: 2020-09-04 15:15:10Z

Description: An issue was discovered in GnuTLS before 3.6.15. A server can trigger a NULL pointer dereference in a TLS 1.3 client if a no_renegotiation alert is sent with unexpected timing, and then an invalid second handshake occurs. The crash happens in the application’s error handling path, where the gnutls_deinit function is called after detecting a handshake failure.

Source: NVD.NIST.GOV

Date:

4 September 2020

Categorie(s):

NVD

Tag(s):

NVD

News live: legal appeal to repatriate Australian children from ‘desperate’ situation in Syria begins in federal court8 May 2024
Australia news live: Electric Fields crash out of Eurovision semi-final; Palaszczuk finds first post-politics role7 May 2024
Palo Alto Networks unveils new AI-powered security solutions to tackle advanced threats7 May 2024
Akamai to acquire Noname Security for $450M to enhance API security offerings7 May 2024
Australia News live: Electric Fields crash out of Eurovision semi-final; half of NSW threatened species face extinction7 May 2024