Launchpad CVE tracker

CVE 2021-20232

A flaw was found in gnutls. A use after free issue in client_send_params in lib/ext/pre_shared_key.c may lead to memory corruption and other potential consequences.

Related bugs and status

CVE-2021-20232 (Candidate) is related to these bugs:

Bug #1910255: autopkgtest fails due to an expired certificate

		In	Importance	Status
1910255	autopkgtest fails due to an expired certificate	gnutls28 (Ubuntu)	Undecided	Fix Released
1910255	autopkgtest fails due to an expired certificate	gnutls28 (Debian)	Unknown	Fix Released
1910255	autopkgtest fails due to an expired certificate	gnutls28 (Ubuntu Focal)	Low	Fix Released
1910255	autopkgtest fails due to an expired certificate	gnutls28 (Ubuntu Groovy)	Low	Won't Fix
1910255	autopkgtest fails due to an expired certificate	gnutls28 (Ubuntu Hirsute)	Undecided	Fix Released

Bug #1922004: gnutls28 OOM's on arm64, ppc64el and s390x with lto

Summary				In	Importance	Status
	1922004	gnutls28 OOM's on arm64, ppc64el and s390x with lto		gnutls28 (Ubuntu)	Undecided	Fix Released

Bug #1929229: Please merge gnutls28 3.7.1-4 (main) from Debian unstable

Summary				In	Importance	Status
	1929229	Please merge gnutls28 3.7.1-4 (main) from Debian unstable		gnutls28 (Ubuntu)	Wishlist	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2021-20232

References