CVE-2024-12243

MEDIUM

GnuTLS - Denial of Service

Title source: llm

Description

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.

References (13)

Core 13

Core References

Mailing List

https://lists.debian.org/debian-lts-announce/2025/02/msg00027.html

Vendor Advisory

https://security.netapp.com/advisory/ntap-20250523-0002/

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:17361

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:4051

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:7076

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:8020

Vendor Advisory vendor-advisory x_refsource_redhat

https://access.redhat.com/errata/RHSA-2025:8385

Vendor Advisory vdb-entry x_refsource_redhat

https://access.redhat.com/security/cve/CVE-2024-12243

Issue Tracking issue-tracking x_refsource_redhat

https://bugzilla.redhat.com/show_bug.cgi?id=2344615

https://gitlab.com/gnutls/gnutls/-/issues/1553

Issue Tracking

https://gitlab.com/gnutls/libtasn1/-/issues/52

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-082556.html

Vendor Advisory

https://cert-portal.siemens.com/productcert/html/ssa-202008.html

Scores

CVSS v3 5.3

EPSS 0.0119

EPSS Percentile 63.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-407

Status published

Products (11)

Red Hat/Red Hat Discovery 1.14 sha256:492e412759cf0eedfa5b557f7b0865f8864f84d0ed75e11dc8d7a840837d9644

Red Hat/Red Hat Discovery 1.14 sha256:ad1045aa0de937c3a6969ec377f7bfeda9a44ee434a954e8245e9840316ffc1c

Red Hat/Red Hat Discovery 1.14 sha256:c960fa13577db72b52765d6941688f431f61fe38adb717b2d8bb6569e241bc5e

Red Hat/Red Hat Enterprise Linux 10

Red Hat/Red Hat Enterprise Linux 6

Red Hat/Red Hat Enterprise Linux 7

Red Hat/Red Hat Enterprise Linux 8 0:3.6.16-8.el8_10.3

Red Hat/Red Hat Enterprise Linux 9 0:3.8.3-6.el9

Red Hat/Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 0:3.7.6-21.el9_2.4

Red Hat/Red Hat Enterprise Linux 9.4 Extended Update Support 0:3.8.3-4.el9_4.2

... and 1 more

Published Feb 10, 2025

Tracked Since Feb 18, 2026