A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.
3.7.3-4ubuntu1.93.8.3-1.1ubuntu3.63.8.9-3ubuntu2.23.8.12-2ubuntu1.13.3.15-5ubuntu23.3.18-1ubuntu13.3.20-1ubuntu13.4.10-4ubuntu13.4.10-4ubuntu1.13.4.10-4ubuntu1.23.4.10-4ubuntu1.33.4.10-4ubuntu1.43.4.10-4ubuntu1.53.4.10-4ubuntu1.6+6 more3.5.17-1ubuntu13.5.17-1ubuntu33.5.18-1ubuntu13.5.18-1ubuntu1.13.5.18-1ubuntu1.23.5.18-1ubuntu1.33.5.18-1ubuntu1.43.5.18-1ubuntu1.53.5.18-1ubuntu1.63.5.18-1ubuntu1.6+esm1+2 more3.6.10-53.6.11.1-23.6.11.1-2ubuntu23.6.13-2ubuntu13.6.13-2ubuntu1.13.6.13-2ubuntu1.103.6.13-2ubuntu1.113.6.13-2ubuntu1.123.6.13-2ubuntu1.12+esm13.6.13-2ubuntu1.2+7 more3.7.3-4ubuntu1.2+Fips1.13.7.3-4ubuntu1.2+Fips1.13.7.3-4ubuntu1.3+Fips1.13.7.3-4ubuntu1.4+Fips13.7.3-4ubuntu1.5+Fips13.7.3-4ubuntu1.6+Fips13.7.3-4ubuntu1.7+Fips13.7.3-4ubuntu1.7+Fips1.13.7.3-4ubuntu1.8+Fips1.13.8.3-1.1ubuntu3.1+Fips13.8.3-1.1ubuntu3.4+Fips13.8.3-1.1ubuntu3.4+Fips1.13.8.3-1.1ubuntu3.5+Fips1.1Exploitability
AV:NAC:LPR:NUI:NScope
S:UImpact
C:HI:NA:HCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H