CVE-2019-3829 in GNU and Fedora Project Products
Published on March 27, 2019
A vulnerability was found in gnutls versions from 3.5.8 before 3.6.7. A memory corruption (double free) vulnerability in the certificate verification API. Any client or server application that verifies X.509 certificates with GnuTLS 3.5.8 or later is affected.
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
Vendor Advisory
NVD
Weakness Type
What is a Dangling pointer Vulnerability?
Referencing memory after it has been freed can cause a program to crash, use unexpected values, or execute code.
CVE-2019-3829 has been classified to as a Dangling pointer vulnerability or weakness.
Products Associated with CVE-2019-3829
stack.watch emails you whenever new vulnerabilities are published in Gnutls or Fedora Project Fedora. Just hit a watch button to start following.
Affected Versions
gnutls:- Version fixed in 3.6.7 is affected.
- Version affected from 3.5.8 is affected.
Exploit Probability
EPSS
2.08%
Percentile
83.91%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.