|
Description: | | GnuTLS version 3.5.12 and earlier is vulnerable to a NULL pointer dereference while decoding a status response TLS extension with valid contents. The vulnerability is due to improper parsing of certain values in the status_request extension.us ECDH ciphersuites. This could lead to a crash of the GnuTLS server application. |
|
Impact: | | An attacker can launch a denial of service attack by exploiting the vulnerability successfully. |
|
Affected OS: | | Solaris, Other Unix, FreeBSD, Linux |
|
Reference: | | CVE-2017-7507
|
|