CVE-2021-4209 : A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update fun

A NULL pointer dereference flaw was found in GnuTLS. As Nettle's hash update functions internally call memcpy, providing zero-length input may cause undefined behavior. This flaw leads to a denial of service after authentication in rare circumstances.

Published 2022-08-24 16:15:10

Updated 2022-10-27 16:57:33

Source Red Hat, Inc.

View at NVD, CVE.org

Vulnerability category: Memory CorruptionDenial of service

Products affected by CVE-2021-4209

Redhat » Enterprise Linux » Version: 8.0
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*
Matching versions
GNU » Gnutls
Versions before (<) 3.7.3
cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*
Matching versions
Netapp » Active Iq Unified Manager » Version: N/A For Vmware Vsphere
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
Matching versions
Netapp » Solidfire & Hci Management Node » Version: N/A
cpe:2.3:a:netapp:solidfire_\&_hci_management_node:-:*:*:*:*:*:*:*
Matching versions
Netapp » Hci Bootstrap Os » Version: N/A
cpe:2.3:a:netapp:hci_bootstrap_os:-:*:*:*:*:*:*:*
Matching versions
When used together with: Netapp » Hci Compute Node » Version: N/A

Exploit prediction scoring system (EPSS) score for CVE-2021-4209

EPSS FAQ

0.15%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 33 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2021-4209

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
6.5	MEDIUM	CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H	2.8	3.6	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: Low User Interaction: None Scope: Unchanged Confidentiality: None Integrity: None Availability: High

CWE ids for CVE-2021-4209

CWE-476 NULL Pointer Dereference

The product dereferences a pointer that it expects to be valid but is NULL.
Assigned by:
- nvd@nist.gov (Primary)
- secalert@redhat.com (Secondary)

References for CVE-2021-4209

https://gitlab.com/gnutls/gnutls/-/merge_requests/1503

wrap_nettle_hash_fast: avoid calling _update with zero-length input (!1503) · Merge requests · gnutls / GnuTLS · GitLab
Third Party Advisory
https://gitlab.com/gnutls/gnutls/-/commit/3db352734472d851318944db13be73da61300568

wrap_nettle_hash_fast: avoid calling _update with zero-length input (3db35273) · Commits · gnutls / GnuTLS · GitLab
Patch;Third Party Advisory
https://security.netapp.com/advisory/ntap-20220915-0005/

CVE-2021-4209 GnuTLS Vulnerability in NetApp Products | NetApp Product Security
Third Party Advisory
https://access.redhat.com/security/cve/CVE-2021-4209

CVE-2021-4209- Red Hat Customer Portal
Third Party Advisory
https://gitlab.com/gnutls/gnutls/-/issues/1306

Null pointer dereference in MD_UPDATE (#1306) · Issues · gnutls / GnuTLS · GitLab
Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2044156

2044156 – (CVE-2021-4209) CVE-2021-4209 GnuTLS: Null pointer dereference in MD_UPDATE
Issue Tracking;Third Party Advisory

Jump to

Vulnerability Details : CVE-2021-4209

Products affected by CVE-2021-4209

Exploit prediction scoring system (EPSS) score for CVE-2021-4209

CVSS scores for CVE-2021-4209

CWE ids for CVE-2021-4209

References for CVE-2021-4209