CVE-2024-12243

EUVD-2024-50709
A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.3 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 79%
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
SiemensSIMATIC S7-1500 CPU 1518-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
SiemensSIMATIC S7-1500 CPU 1518-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
SiemensSIMATIC S7-1500 CPU 1518F-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
SiemensSIMATIC S7-1500 CPU 1518F-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
SiemensSIPLUS S7-1500 CPU 1518-4 PN\/DP MFP
V3.1.5 ≤
𝑥
< *
ADP
SiemensRUGGEDCOM ROX MX5000
𝑥
< V2.17.0
ADP
SiemensRUGGEDCOM ROX MX5000RE
𝑥
< V2.17.0
ADP
SiemensRUGGEDCOM ROX RX1400
𝑥
< V2.17.0
ADP
SiemensRUGGEDCOM ROX RX1500
𝑥
< V2.17.0
ADP
SiemensRUGGEDCOM ROX RX1501
𝑥
< V2.17.0
ADP
SiemensRUGGEDCOM ROX RX1510
𝑥
< V2.17.0
ADP
SiemensRUGGEDCOM ROX RX1511
𝑥
< V2.17.0
ADP
SiemensRUGGEDCOM ROX RX1512
𝑥
< V2.17.0
ADP
SiemensRUGGEDCOM ROX RX1524
𝑥
< V2.17.0
ADP
SiemensRUGGEDCOM ROX RX1536
𝑥
< V2.17.0
ADP
SiemensRUGGEDCOM ROX RX5000
𝑥
< V2.17.0
ADP
Debian logo
Debian Releases
Debian Product
Codename
gnutls28
bookworm
3.7.9-2+deb12u5
fixed
bookworm (security)
3.7.9-2+deb12u5
fixed
bullseye
vulnerable
bullseye (security)
3.7.1-5+deb11u8
fixed
forky
3.8.11-3
fixed
sid
3.8.11-3
fixed
trixie
3.8.9-3
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
gnutls28
bionic
needs-triage
focal
Fixed 3.6.13-2ubuntu1.12
released
jammy
Fixed 3.7.3-4ubuntu1.6
released
noble
Fixed 3.8.3-1.1ubuntu3.3
released
oracular
Fixed 3.8.6-2ubuntu1.1
released
plucky
Fixed 3.8.9-2ubuntu1
released
questing
Fixed 3.8.9-2ubuntu1
released
xenial
needs-triage
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
gnutls
suse enterprise desktop 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise desktop 15 SP7
3.8.3-150600.4.6.2
fixed
suse enterprise sap 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise sap 15 SP7
3.8.3-150600.4.6.2
fixed
suse enterprise server 12 SP3
3.3.27-3.9.1
fixed
suse enterprise server 15 SP4
3.7.3-150400.4.47.1
fixed
suse enterprise server 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise server 15 SP7
3.8.3-150600.4.6.2
fixed
libgnutls-devel
suse enterprise desktop 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise desktop 15 SP7
3.8.3-150600.4.6.2
fixed
suse enterprise sap 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise sap 15 SP7
3.8.3-150600.4.6.2
fixed
suse enterprise server 15 SP4
3.7.3-150400.4.47.1
fixed
suse enterprise server 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise server 15 SP7
3.8.3-150600.4.6.2
fixed
libgnutls-openssl27
suse enterprise server 12 SP3
3.3.27-3.9.1
fixed
libgnutls28
suse enterprise server 12 SP3
3.3.27-3.9.1
fixed
libgnutls28-32bit
suse enterprise server 12 SP3
3.3.27-3.9.1
fixed
libgnutls30
suse enterprise desktop 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise desktop 15 SP7
3.8.3-150600.4.6.2
fixed
suse enterprise sap 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise sap 15 SP7
3.8.3-150600.4.6.2
fixed
suse enterprise server 15 SP4
3.7.3-150400.4.47.1
fixed
suse enterprise server 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise server 15 SP7
3.8.3-150600.4.6.2
fixed
libgnutls30-32bit
suse enterprise desktop 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise desktop 15 SP7
3.8.3-150600.4.6.2
fixed
suse enterprise sap 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise sap 15 SP7
3.8.3-150600.4.6.2
fixed
suse enterprise server 15 SP4
3.7.3-150400.4.47.1
fixed
suse enterprise server 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise server 15 SP7
3.8.3-150600.4.6.2
fixed
libgnutls30-hmac
suse enterprise server 15 SP4
3.7.3-150400.4.47.1
fixed
libgnutls30-hmac-32bit
suse enterprise server 15 SP4
3.7.3-150400.4.47.1
fixed
libgnutlsxx-devel
suse enterprise desktop 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise desktop 15 SP7
3.8.3-150600.4.6.2
fixed
suse enterprise sap 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise sap 15 SP7
3.8.3-150600.4.6.2
fixed
suse enterprise server 15 SP4
3.7.3-150400.4.47.1
fixed
suse enterprise server 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise server 15 SP7
3.8.3-150600.4.6.2
fixed
libgnutlsxx28
suse enterprise server 15 SP4
3.7.3-150400.4.47.1
fixed
libgnutlsxx30
suse enterprise desktop 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise desktop 15 SP7
3.8.3-150600.4.6.2
fixed
suse enterprise sap 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise sap 15 SP7
3.8.3-150600.4.6.2
fixed
suse enterprise server 15 SP6
3.8.3-150600.4.6.2
fixed
suse enterprise server 15 SP7
3.8.3-150600.4.6.2
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
gnutls
RHEL 8
0:3.6.16-8.el8_10.3
fixed
RHEL 9
0:3.8.3-6.el9
fixed
gnutls-c
RHEL 8
0:3.6.16-8.el8_10.3
fixed
RHEL 9
0:3.8.3-6.el9
fixed
gnutls-dane
RHEL 8
0:3.6.16-8.el8_10.3
fixed
RHEL 9
0:3.8.3-6.el9
fixed
gnutls-devel
RHEL 8
0:3.6.16-8.el8_10.3
fixed
RHEL 9
0:3.8.3-6.el9
fixed
gnutls-utils
RHEL 8
0:3.6.16-8.el8_10.3
fixed
RHEL 9
0:3.8.3-6.el9
fixed
Common Weakness Enumeration
References
https://access.redhat.com/errata/RHSA-2025:17361
https://access.redhat.com/errata/RHSA-2025:4051
https://access.redhat.com/errata/RHSA-2025:7076
https://access.redhat.com/errata/RHSA-2025:8020
https://access.redhat.com/errata/RHSA-2025:8385
https://access.redhat.com/security/cve/CVE-2024-12243
https://bugzilla.redhat.com/show_bug.cgi?id=2344615
https://gitlab.com/gnutls/gnutls/-/issues/1553
https://gitlab.com/gnutls/libtasn1/-/issues/52
https://lists.debian.org/debian-lts-announce/2025/02/msg00027.html
https://security.netapp.com/advisory/ntap-20250523-0002/
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
https://cert-portal.siemens.com/productcert/html/ssa-202008.html