CVE-2021-4209

A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.
Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:a:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*
cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*

History

No history.

Information

Published : 2022-08-24 16:15

Updated : 2024-02-28 19:29


NVD link : CVE-2021-4209

Mitre link : CVE-2021-4209

CVE.ORG link : CVE-2021-4209


JSON object : View

Products Affected

netapp

  • active_iq_unified_manager
  • hci_compute_node
  • solidfire_\&_hci_management_node
  • hci_bootstrap_os

redhat

  • enterprise_linux

gnu

  • gnutls
CWE
CWE-476

NULL Pointer Dereference