Null Pointer Deref in GnuTLS Nettle Hash Leading DoS
CVE-2021-4209 Published on August 24, 2022

A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.

NVD

Weakness Type

NULL Pointer Dereference

A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit. NULL pointer dereference issues can occur through a number of flaws, including race conditions, and simple programming omissions.

Products Associated with CVE-2021-4209

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2021-4209 are published in these products:

Canonical Ubuntu Linux

Gnutls

Red Hat Enterprise Linux (RHEL)

NetApp Solidfire Hci Management Node

NetApp Active Iq Unified Manager

Exploit Probability

EPSS

0.34%

Percentile

56.47%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.

Null Pointer Deref in GnuTLS Nettle Hash Leading DoSCVE-2021-4209 Published on August 24, 2022

Weakness Type

NULL Pointer Dereference

Products Associated with CVE-2021-4209

Exploit Probability

Null Pointer Deref in GnuTLS Nettle Hash Leading DoS
CVE-2021-4209 Published on August 24, 2022