Bug 1221747 (CVE-2024-28835) - VUL-0: CVE-2024-28835: gnutls: certtool crash when verifying a certificate chain
Summary: VUL-0: CVE-2024-28835: gnutls: certtool crash when verifying a certificate c...
Status: IN_PROGRESS
Alias: CVE-2024-28835
Product: SUSE Security Incidents
Classification: Novell Products
Component: Incidents (show other bugs)
Version: unspecified
Hardware: Other Other
: P3 - Medium : Normal
Target Milestone: ---
Assignee: Security Team bot
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/398340/
Whiteboard: CVSSv3.1:SUSE:CVE-2024-28835:5.0:(AV:...
Keywords:
Depends on:
Blocks:
 
Reported: 2024-03-20 09:53 UTC by Robert Frohl
Modified: 2024-07-17 16:30 UTC (History)
2 users (show)

See Also:
Found By: ---
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Robert Frohl 2024-03-20 09:53:57 UTC 
** libgnutls: Fixed a bug where certtool crashed when verifying a 
certificate chain with more than 16 certificates. Reported by William 
Woodruff (#1525) and yixiangzhike (#1527). [GNUTLS-SA-2024-01-23, CVSS: 
medium] [CVE-2024-28835]

https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html
Comment 1 Pedro Monreal Gonzalez 2024-03-20 10:27:51 UTC 
Upstream: https://gitlab.com/gnutls/gnutls/commit/e369e67a
Comment 2 Pedro Monreal Gonzalez 2024-03-20 15:17:09 UTC 
See also: https://gitlab.com/gnutls/gnutls/-/issues/1525
Comment 3 Pedro Monreal Gonzalez 2024-03-20 15:18:00 UTC 
And also: https://gitlab.com/gnutls/gnutls/-/issues/1527
Comment 4 Andrea Mattiazzo 2024-04-02 15:20:30 UTC 
Trying with reproducer [0] with 37 certificates in the chain crashes only in:
- SUSE:ALP:Source:Standard:1.0/gnutls
- SUSE:SLE-15-SP4:Update/gnutls
- SUSE:SLE-15-SP4:Update:Products:Micro53:Update/gnutls


Already fixed:
-openSUSE:Factory/gnutls
Comment 8 Maintenance Automation 2024-04-12 16:30:13 UTC 
SUSE-SU-2024:1271-1: An update that solves two vulnerabilities and has one security fix can now be installed.

Category: security (moderate)
Bug References: 1221242, 1221746, 1221747
CVE References: CVE-2024-28834, CVE-2024-28835
Maintenance Incident: [SUSE:Maintenance:33311](https://smelt.suse.de/incident/33311/)
Sources used:
openSUSE Leap Micro 5.4 (src):
 gnutls-3.7.3-150400.4.44.1
openSUSE Leap 15.5 (src):
 gnutls-3.7.3-150400.4.44.1
SUSE Linux Enterprise Micro for Rancher 5.4 (src):
 gnutls-3.7.3-150400.4.44.1
SUSE Linux Enterprise Micro 5.4 (src):
 gnutls-3.7.3-150400.4.44.1
SUSE Linux Enterprise Micro 5.5 (src):
 gnutls-3.7.3-150400.4.44.1
Basesystem Module 15-SP5 (src):
 gnutls-3.7.3-150400.4.44.1
openSUSE Leap 15.4 (src):
 gnutls-3.7.3-150400.4.44.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 12 Maintenance Automation 2024-06-03 16:30:49 UTC 
SUSE-SU-2024:1271-2: An update that solves two vulnerabilities and has one security fix can now be installed.

Category: security (moderate)
Bug References: 1221242, 1221746, 1221747
CVE References: CVE-2024-28834, CVE-2024-28835
Maintenance Incident: [SUSE:Maintenance:33311](https://smelt.suse.de/incident/33311/)
Sources used:
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 (src):
 gnutls-3.7.3-150400.4.44.1
SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 (src):
 gnutls-3.7.3-150400.4.44.1
SUSE Linux Enterprise Desktop 15 SP4 LTSS 15-SP4 (src):
 gnutls-3.7.3-150400.4.44.1
SUSE Linux Enterprise Server 15 SP4 LTSS 15-SP4 (src):
 gnutls-3.7.3-150400.4.44.1
SUSE Linux Enterprise Server for SAP Applications 15 SP4 (src):
 gnutls-3.7.3-150400.4.44.1
SUSE Manager Proxy 4.3 (src):
 gnutls-3.7.3-150400.4.44.1
SUSE Manager Retail Branch Server 4.3 (src):
 gnutls-3.7.3-150400.4.44.1
SUSE Manager Server 4.3 (src):
 gnutls-3.7.3-150400.4.44.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
Comment 15 Maintenance Automation 2024-07-17 16:30:04 UTC 
SUSE-SU-2024:2546-1: An update that solves two vulnerabilities and has one security fix can now be installed.

Category: security (moderate)
Bug References: 1221242, 1221746, 1221747
CVE References: CVE-2024-28834, CVE-2024-28835
Maintenance Incident: [SUSE:Maintenance:34785](https://smelt.suse.de/incident/34785/)
Sources used:
SUSE Linux Enterprise Micro for Rancher 5.3 (src):
 gnutls-3.7.3-150400.8.1
SUSE Linux Enterprise Micro 5.3 (src):
 gnutls-3.7.3-150400.8.1

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.