CVE-2021-20232

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2021-20232

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-20232.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2021-20232

Downstream

ALPINE-CVE-2021-20232

DEBIAN-CVE-2021-20232

OESA-2021-1109

RHSA-2021:4451

SUSE-SU-2021:0934-1

SUSE-SU-2021:0935-1

UBUNTU-CVE-2021-20232

USN-5029-1

openSUSE-SU-2021:0470-1

openSUSE-SU-2024:10801-1

Related

Published

2021-03-12T19:15:13Z

Modified

2025-10-15T12:24:41.046092Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

A flaw was found in gnutls. A use after free issue in clientsendparams in lib/ext/presharedkey.c may lead to memory corruption and other potential consequences.

References

Affected packages

Git / github.com/gnutls/gnutls

Affected ranges

Type: GIT
Repo: https://github.com/gnutls/gnutls
Events: Introduced

c87f22eec1b412aaafa873ff81b02f52532bfa79

Fixed

3aa1c455cc2fd7f63a0ee6fd90791b46bf06eb79

Affected versions

3.*

3.6.12

3.6.13

3.6.14

3.7.0

Other

gnutls_3_6_10

gnutls_3_6_11

gnutls_3_6_11_1

gnutls_3_6_12

gnutls_3_6_3

gnutls_3_6_4

gnutls_3_6_5

gnutls_3_6_6

gnutls_3_6_7

gnutls_3_6_9