CVE-2014-8564

Priority
Description
The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x
before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote
attackers to cause a denial of service (out-of-bounds write) via a crafted
(1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate
signing requests (CSR), related to generating key IDs.
Assigned-to
mdeslaur
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):not-affected (code not present)
Ubuntu 14.04 LTS (Trusty Tahr):not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
More Information

Updated: 2019-01-14 21:16:12 UTC (commit 51f9b73af244ba86b9321e46e526586c25a8e060)