CNNVD-202602-1250 Information

CNNVD ID

CNNVD-202602-1250

Related CVE

CVE-2026-1584

• CNNVD Published: 2026-02-09

Description (Chinese)

GnuTLS是GnuTLS开源的一款免费的用于实现SSL、TLS和DTLS协议的安全通信库。 gnutls存在安全漏洞，该漏洞源于远程未经验证的攻击者可能在TLS握手期间发送特制的ClientHello消息，导致空指针取消引用，可能引发服务器崩溃和远程拒绝服务。

Description (English)

GnuTLS is a free-of-charge secure communications bank for the implementation of SSL, TLS and DTLS protocols. gnutls have a security loophole, which stems from the possibility that a remote, unverified attacker may send a specially designed ClintHello message during a TLS handshake, leading to the removal of the reference to an empty pointer, which could trigger a server crash and a remote denial of service.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

gnutls

Published

2026-02-09

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/cve-2026-1584