CVE-2014-8564

Published: Nov 13, 2014Modified: May 6, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:P

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

The _gnutls_ecc_ansi_x963_export function in gnutls_ecc.c in GnuTLS 3.x before 3.1.28, 3.2.x before 3.2.20, and 3.3.x before 3.3.10 allows remote attackers to cause a denial of service (out-of-bounds write) via a crafted (1) Elliptic Curve Cryptography (ECC) certificate or (2) certificate signing requests (CSR), related to generating key IDs.

Affected (99)

Products: Gnu: Gnutls · Redhat: Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server, Enterprise Linux Workstation · Opensuse: Opensuse · +1 more

Show all products

Gnu: Gnutls · Redhat: Enterprise Linux Desktop, Enterprise Linux Hpc Node, Enterprise Linux Server, Enterprise Linux Workstation · Opensuse: Opensuse · Canonical: Ubuntu Linux

Gnu

1 product

Gnutls

Redhat

4 products

Enterprise Linux Desktop

Enterprise Linux Hpc Node

Enterprise Linux Server

Enterprise Linux Workstation

1 product

1 product

Configuration A

91 vulnerable

Vulnerable Software	Affected Versions
Gnu Gnutls	Version 3.0.0
Gnu Gnutls	Version 3.0.10
Gnu Gnutls	Version 3.0.11
Gnu Gnutls	Version 3.0.12
Gnu Gnutls	Version 3.0.13
Gnu Gnutls	Version 3.0.14
Gnu Gnutls	Version 3.0.15
Gnu Gnutls	Version 3.0.16
Gnu Gnutls	Version 3.0.17
Gnu Gnutls	Version 3.0.18
Gnu Gnutls	Version 3.0.19
Gnu Gnutls	Version 3.0.1
Gnu Gnutls	Version 3.0.20
Gnu Gnutls	Version 3.0.21
Gnu Gnutls	Version 3.0.22
Gnu Gnutls	Version 3.0.23
Gnu Gnutls	Version 3.0.24
Gnu Gnutls	Version 3.0.25
Gnu Gnutls	Version 3.0.26
Gnu Gnutls	Version 3.0.27
Gnu Gnutls	Version 3.0.28
Gnu Gnutls	Version 3.0.2
Gnu Gnutls	Version 3.0.3
Gnu Gnutls	Version 3.0.4
Gnu Gnutls	Version 3.0.5
Gnu Gnutls	Version 3.0.6
Gnu Gnutls	Version 3.0.7
Gnu Gnutls	Version 3.0.8
Gnu Gnutls	Version 3.0.9
Gnu Gnutls	Version 3.0
Gnu Gnutls	Version 3.1.0
Gnu Gnutls	Version 3.1.10
Gnu Gnutls	Version 3.1.11
Gnu Gnutls	Version 3.1.12
Gnu Gnutls	Version 3.1.13
Gnu Gnutls	Version 3.1.14
Gnu Gnutls	Version 3.1.15
Gnu Gnutls	Version 3.1.16
Gnu Gnutls	Version 3.1.17
Gnu Gnutls	Version 3.1.18
Gnu Gnutls	Version 3.1.19
Gnu Gnutls	Version 3.1.1
Gnu Gnutls	Version 3.1.20
Gnu Gnutls	Version 3.1.21
Gnu Gnutls	Version 3.1.22
Gnu Gnutls	Version 3.1.23
Gnu Gnutls	Version 3.1.24
Gnu Gnutls	Version 3.1.25
Gnu Gnutls	Version 3.1.26
Gnu Gnutls	Version 3.1.27
Gnu Gnutls	Version 3.1.2
Gnu Gnutls	Version 3.1.3
Gnu Gnutls	Version 3.1.4
Gnu Gnutls	Version 3.1.5
Gnu Gnutls	Version 3.1.6
Gnu Gnutls	Version 3.1.7
Gnu Gnutls	Version 3.1.8
Gnu Gnutls	Version 3.1.9
Gnu Gnutls	Version 3.2.0
Gnu Gnutls	Version 3.2.10
Gnu Gnutls	Version 3.2.11
Gnu Gnutls	Version 3.2.12.1
Gnu Gnutls	Version 3.2.12
Gnu Gnutls	Version 3.2.13
Gnu Gnutls	Version 3.2.14
Gnu Gnutls	Version 3.2.15
Gnu Gnutls	Version 3.2.16
Gnu Gnutls	Version 3.2.17
Gnu Gnutls	Version 3.2.18
Gnu Gnutls	Version 3.2.19
Gnu Gnutls	Version 3.2.1
Gnu Gnutls	Version 3.2.2
Gnu Gnutls	Version 3.2.3
Gnu Gnutls	Version 3.2.4
Gnu Gnutls	Version 3.2.5
Gnu Gnutls	Version 3.2.6
Gnu Gnutls	Version 3.2.7
Gnu Gnutls	Version 3.2.8.1
Gnu Gnutls	Version 3.2.8
Gnu Gnutls	Version 3.2.9
Gnu Gnutls	Version 3.3.0
Gnu Gnutls	Version 3.3.0 pre0
Gnu Gnutls	Version 3.3.1
Gnu Gnutls	Version 3.3.2
Gnu Gnutls	Version 3.3.3
Gnu Gnutls	Version 3.3.4
Gnu Gnutls	Version 3.3.5
Gnu Gnutls	Version 3.3.6
Gnu Gnutls	Version 3.3.7
Gnu Gnutls	Version 3.3.8
Gnu Gnutls	Version 3.3.9

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 7.0
Redhat Enterprise Linux Hpc Node	Version 7.0
Redhat Enterprise Linux Server	Version 7.0
Redhat Enterprise Linux Workstation	Version 7.0