A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.
Fixes

Solution

No solution given by the vendor.


Workaround

Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2025-08-31T01:23:26.755Z

Reserved: 2024-01-16T04:02:22.392Z

Link: CVE-2024-0567

cve-icon Vulnrichment

Updated: 2024-08-01T18:11:35.636Z

cve-icon NVD

Status : Modified

Published: 2024-01-16T14:15:48.527

Modified: 2024-11-21T08:46:53.563

Link: CVE-2024-0567

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-01-16T00:00:00Z

Links: CVE-2024-0567 - Bugzilla

cve-icon OpenCVE Enrichment

No data.