{"containers": {"cna": {"affected": [{"product": "GnuTLS", "vendor": "n/a", "versions": [{"status": "affected", "version": "Fixed in gnutls v3.7.3"}]}], "descriptions": [{"lang": "en", "value": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-476", "description": "CWE-476 - NULL Pointer Dereference", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2022-09-15T17:06:40", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://gitlab.com/gnutls/gnutls/-/issues/1306"}, {"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156"}, {"tags": ["x_refsource_MISC"], "url": "https://access.redhat.com/security/cve/CVE-2021-4209"}, {"tags": ["x_refsource_MISC"], "url": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503"}, {"tags": ["x_refsource_MISC"], "url": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://security.netapp.com/advisory/ntap-20220915-0005/"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2021-4209", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "GnuTLS", "version": {"version_data": [{"version_value": "Fixed in gnutls v3.7.3"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-476 - NULL Pointer Dereference"}]}]}, "references": {"reference_data": [{"name": "https://gitlab.com/gnutls/gnutls/-/issues/1306", "refsource": "MISC", "url": "https://gitlab.com/gnutls/gnutls/-/issues/1306"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156"}, {"name": "https://access.redhat.com/security/cve/CVE-2021-4209", "refsource": "MISC", "url": "https://access.redhat.com/security/cve/CVE-2021-4209"}, {"name": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503", "refsource": "MISC", "url": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503"}, {"name": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568", "refsource": "MISC", "url": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568"}, {"name": "https://security.netapp.com/advisory/ntap-20220915-0005/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20220915-0005/"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T17:16:04.444Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://gitlab.com/gnutls/gnutls/-/issues/1306"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://access.redhat.com/security/cve/CVE-2021-4209"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://security.netapp.com/advisory/ntap-20220915-0005/"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2021-4209", "datePublished": "2022-08-24T15:07:31", "dateReserved": "2022-01-24T00:00:00", "dateUpdated": "2024-08-03T17:16:04.444Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*", "matchCriteriaId": "D7F5A2FE-408A-4E36-BC95-40E502C06682", "versionEndExcluding": "3.7.3", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "F4CFF558-3C47-480D-A2F0-BABF26042943", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", "matchCriteriaId": "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", "vulnerable": true}, {"criteria": "cpe:2.3:a:netapp:solidfire_\\&_hci_management_node:-:*:*:*:*:*:*:*", "matchCriteriaId": "D6D700C5-F67F-4FFB-BE69-D524592A3D2E", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*", "matchCriteriaId": "84574629-EB00-4235-8962-45070F3C9F6A", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*", "matchCriteriaId": "AD7447BC-F315-4298-A822-549942FC118B", "vulnerable": false}], "negate": false, "operator": "OR"}], "operator": "AND"}], "descriptions": [{"lang": "en", "value": "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances."}, {"lang": "es", "value": "Se ha encontrado un fallo de desreferencia de puntero NULL en GnuTLS. Como las funciones de actualizaci\u00f3n de hash de Nettle llaman internamente a memcpy, proporcionar una entrada de longitud cero puede causar un comportamiento indefinido. Este fallo conlleva a una denegaci\u00f3n de servicio tras la autenticaci\u00f3n en raras circunstancias."}], "id": "CVE-2021-4209", "lastModified": "2024-11-21T06:37:09.190", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-24T16:15:09.927", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2021-4209"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://gitlab.com/gnutls/gnutls/-/issues/1306"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20220915-0005/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2021-4209"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://gitlab.com/gnutls/gnutls/-/issues/1306"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://gitlab.com/gnutls/gnutls/-/merge_requests/1503"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://security.netapp.com/advisory/ntap-20220915-0005/"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-476"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-476"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"bugzilla": {"description": "GnuTLS: Null pointer dereference in MD_UPDATE", "id": "2044156", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2044156"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "status": "draft"}, "cwe": "CWE-476", "details": ["A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.", "A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2021-4209", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Out of support scope", "package_name": "gnutls", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "gnutls", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Will not fix", "package_name": "gnutls", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "gnutls", "product_name": "Red Hat Enterprise Linux 9"}], "public_date": "2021-12-22T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-4209\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-4209"], "statement": "This issue is classified as low severity because it requires a very specific and rare set of conditions to be triggered. The vulnerability occurs only when GnuTLS is built with Guile support disabled and when an empty input (zero-length data) is passed during the TLS handshake process. \nThe crash caused by the NULL pointer dereference is a denial of service, but it does not result in remote code execution or data leakage. Additionally, the affected code path is rarely executed in practice, as it is often replaced by optimized, accelerated implementations. Compilers may also optimize away the issue in most cases, further reducing the likelihood of exploitation.", "threat_severity": "Low"}