CVE-2017-5336
24.03.2017, 15:59
Stack-based buffer overflow in the cdk_pk_get_keyid function in lib/opencdk/pubkey.c in GnuTLS before 3.3.26 and 3.5.x before 3.5.8 allows remote attackers to have unspecified impact via a crafted OpenPGP certificate.Enginsight
| Vendor | Product | Version |
|---|---|---|
| opensuse | leap | 42.1 |
| opensuse | leap | 42.2 |
| gnu | gnutls | 𝑥 ≤ 3.3.25 |
| gnu | gnutls | 3.5.0 |
| gnu | gnutls | 3.5.1 |
| gnu | gnutls | 3.5.2 |
| gnu | gnutls | 3.5.3 |
| gnu | gnutls | 3.5.4 |
| gnu | gnutls | 3.5.5 |
| gnu | gnutls | 3.5.6 |
| gnu | gnutls | 3.5.7 |
𝑥
= Vulnerable software versions
Debian Releases
Ubuntu Releases
Ubuntu Product | |||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| gnutls26 |
| ||||||||||||||||||
| gnutls28 |
|
Common Weakness Enumeration
References