Action not permitted
Modal body text goes here.
Modal Title
Modal Body
GHSA-MCX8-9RRJ-7QXM
Vulnerability from github – Published: 2024-01-16 15:30 – Updated: 2024-07-08 18:31
VLAI
Details
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.
Severity
5.9 (Medium)
{
"affected": [],
"aliases": [
"CVE-2024-0567"
],
"database_specific": {
"cwe_ids": [
"CWE-347"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2024-01-16T14:15:48Z",
"severity": "MODERATE"
},
"details": "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.",
"id": "GHSA-mcx8-9rrj-7qxm",
"modified": "2024-07-08T18:31:15Z",
"published": "2024-01-16T15:30:27Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0567"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:0533"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:1082"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2024:2094"
},
{
"type": "WEB",
"url": "https://access.redhat.com/security/cve/CVE-2024-0567"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258544"
},
{
"type": "WEB",
"url": "https://gitlab.com/gnutls/gnutls/-/issues/1521"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV"
},
{
"type": "WEB",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2"
},
{
"type": "WEB",
"url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20240202-0011"
},
{
"type": "WEB",
"url": "http://www.openwall.com/lists/oss-security/2024/01/19/3"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
CVE-2024-0567 (GCVE-0-2024-0567)
Vulnerability from cvelistv5 – Published: 2024-01-16 14:01 – Updated: 2025-11-20 18:09
VLAI
EPSS
Title
Gnutls: rejects certificate chain with distributed trust
Summary
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.
Severity
7.5 (High)
SSVC
Exploitation: poc
Automatable: yes
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-347 - Improper Verification of Cryptographic Signature
Assigner
References
12 references
| URL | Tags |
|---|---|
| https://access.redhat.com/errata/RHSA-2024:0533 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:1082 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:1383 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2024:2094 | vendor-advisoryx_refsource_REDHAT |
| https://access.redhat.com/security/cve/CVE-2024-0567 | vdb-entryx_refsource_REDHAT |
| https://bugzilla.redhat.com/show_bug.cgi?id=2258544 | issue-trackingx_refsource_REDHAT |
| https://gitlab.com/gnutls/gnutls/-/issues/1521 | |
| https://lists.gnupg.org/pipermail/gnutls-help/202… | |
| http://www.openwall.com/lists/oss-security/2024/01/19/3 | x_transferred |
| https://lists.fedoraproject.org/archives/list/pac… | x_transferred |
| https://lists.fedoraproject.org/archives/list/pac… | x_transferred |
| https://security.netapp.com/advisory/ntap-2024020… | x_transferred |
Impacted products
43 products
| Vendor | Product | Version | |
|---|---|---|---|
|
Affected:
3.8.0 , < 3.8.3
(semver)
|
|||
| Red Hat | Red Hat Enterprise Linux 9 |
Unaffected:
0:3.7.6-23.el9_3.3 , < *
(rpm)
cpe:/o:redhat:enterprise_linux:9::baseos cpe:/a:redhat:enterprise_linux:9::appstream |
|
| Red Hat | Red Hat Enterprise Linux 9.2 Extended Update Support |
Unaffected:
0:3.7.6-21.el9_2.2 , < *
(rpm)
cpe:/a:redhat:rhel_eus:9.2::appstream cpe:/o:redhat:rhel_eus:9.2::baseos |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-37 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-68 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-158 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-39 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-58 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-13 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-81 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-79 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-22 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-57 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-6 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-15 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-54 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-10 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-26 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-19 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-21 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHODF-4.15-RHEL-9 |
Unaffected:
v4.15.0-103 , < *
(rpm)
cpe:/a:redhat:openshift_data_foundation:4.15::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v5.8.6-22 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v5.8.6-11 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v6.8.1-407 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v5.8.6-19 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v1.0.0-479 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v5.8.6-7 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v0.4.0-247 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v5.8.6-5 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v1.1.0-227 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v5.8.1-470 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v2.9.6-14 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v5.8.6-2 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v5.8.6-24 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v5.8.6-10 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v0.1.0-525 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v0.1.0-224 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | RHOL-5.8-RHEL-9 |
Unaffected:
v0.28.1-56 , < *
(rpm)
cpe:/a:redhat:logging:5.8::el9 |
|
| Red Hat | Red Hat Enterprise Linux 6 |
cpe:/o:redhat:enterprise_linux:6 |
|
| Red Hat | Red Hat Enterprise Linux 7 |
cpe:/o:redhat:enterprise_linux:7 |
|
| Red Hat | Red Hat Enterprise Linux 8 |
cpe:/o:redhat:enterprise_linux:8 |
|
| Red Hat | Red Hat Enterprise Linux 9 |
cpe:/o:redhat:enterprise_linux:9 |
|
| Red Hat | Red Hat OpenShift Container Platform 3.11 |
cpe:/a:redhat:openshift:3.11 |
Date Public
2024-01-16 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T18:11:35.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "http://www.openwall.com/lists/oss-security/2024/01/19/3"
},
{
"name": "RHSA-2024:0533",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:0533"
},
{
"name": "RHSA-2024:1082",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:1082"
},
{
"name": "RHSA-2024:1383",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"name": "RHSA-2024:2094",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2094"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0567"
},
{
"name": "RHBZ#2258544",
"tags": [
"issue-tracking",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258544"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.com/gnutls/gnutls/-/issues/1521"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/"
},
{
"tags": [
"x_transferred"
],
"url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20240202-0011/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-0567",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-08T18:37:07.175566Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-08-26T19:53:27.210Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://gitlab.com/gnutls/gnutls",
"defaultStatus": "unaffected",
"packageName": "gnutls",
"versions": [
{
"lessThan": "3.8.3",
"status": "affected",
"version": "3.8.0",
"versionType": "semver"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "gnutls",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.7.6-23.el9_3.3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::baseos",
"cpe:/a:redhat:enterprise_linux:9::appstream"
],
"defaultStatus": "affected",
"packageName": "gnutls",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.7.6-23.el9_3.3",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:rhel_eus:9.2::appstream",
"cpe:/o:redhat:rhel_eus:9.2::baseos"
],
"defaultStatus": "affected",
"packageName": "gnutls",
"product": "Red Hat Enterprise Linux 9.2 Extended Update Support",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.7.6-21.el9_2.2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/cephcsi-rhel9",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-37",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-core-rhel9",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-68",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-operator-bundle",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-158",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/mcg-rhel9-operator",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-39",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-console-rhel9",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-58",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-operator-bundle",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-158",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-client-rhel9-operator",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-13",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-metrics-exporter-rhel9",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-81",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-operator-bundle",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-158",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/ocs-rhel9-operator",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-79",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cli-rhel9",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-22",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-console-rhel9",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-57",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-cosi-sidecar-rhel9",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-6",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-operator-bundle",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-158",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-rhel9-operator",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-15",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-csi-addons-sidecar-rhel9",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-15",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-console-rhel9",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-54",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-operator-bundle",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-158",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-multicluster-rhel9-operator",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-must-gather-rhel9",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-26",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-operator-bundle",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-158",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odf-rhel9-operator",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-19",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-cluster-operator-bundle",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-158",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-hub-operator-bundle",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-158",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/odr-rhel9-operator",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-21",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:openshift_data_foundation:4.15::el9"
],
"defaultStatus": "affected",
"packageName": "odf4/rook-ceph-rhel9-operator",
"product": "RHODF-4.15-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v4.15.0-103",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/cluster-logging-operator-bundle",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v5.8.6-22",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/cluster-logging-rhel9-operator",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v5.8.6-11",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch6-rhel9",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v6.8.1-407",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch-operator-bundle",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v5.8.6-19",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch-proxy-rhel9",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v1.0.0-479",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/elasticsearch-rhel9-operator",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v5.8.6-7",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/eventrouter-rhel9",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v0.4.0-247",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/fluentd-rhel9",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v5.8.6-5",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/log-file-metric-exporter-rhel9",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v1.1.0-227",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/logging-curator5-rhel9",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v5.8.1-470",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/logging-loki-rhel9",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v2.9.6-14",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/logging-view-plugin-rhel9",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v5.8.6-2",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/loki-operator-bundle",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v5.8.6-24",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/loki-rhel9-operator",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v5.8.6-10",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/lokistack-gateway-rhel9",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v0.1.0-525",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/opa-openshift-rhel9",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v0.1.0-224",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://catalog.redhat.com/software/containers/",
"cpes": [
"cpe:/a:redhat:logging:5.8::el9"
],
"defaultStatus": "affected",
"packageName": "openshift-logging/vector-rhel9",
"product": "RHOL-5.8-RHEL-9",
"vendor": "Red Hat",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "v0.28.1-56",
"versionType": "rpm"
}
]
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:6"
],
"defaultStatus": "unknown",
"packageName": "gnutls",
"product": "Red Hat Enterprise Linux 6",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unknown",
"packageName": "cockpit",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
],
"defaultStatus": "unknown",
"packageName": "gnutls",
"product": "Red Hat Enterprise Linux 7",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "cockpit",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8"
],
"defaultStatus": "unaffected",
"packageName": "gnutls",
"product": "Red Hat Enterprise Linux 8",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9"
],
"defaultStatus": "unaffected",
"packageName": "cockpit",
"product": "Red Hat Enterprise Linux 9",
"vendor": "Red Hat"
},
{
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"cpes": [
"cpe:/a:redhat:openshift:3.11"
],
"defaultStatus": "unaffected",
"packageName": "cockpit",
"product": "Red Hat OpenShift Container Platform 3.11",
"vendor": "Red Hat"
}
],
"datePublic": "2024-01-16T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack."
}
],
"metrics": [
{
"other": {
"content": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"value": "Moderate"
},
"type": "Red Hat severity rating"
}
},
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-347",
"description": "Improper Verification of Cryptographic Signature",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-20T18:09:19.787Z",
"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"shortName": "redhat"
},
"references": [
{
"name": "RHSA-2024:0533",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:0533"
},
{
"name": "RHSA-2024:1082",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:1082"
},
{
"name": "RHSA-2024:1383",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:1383"
},
{
"name": "RHSA-2024:2094",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2024:2094"
},
{
"tags": [
"vdb-entry",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/security/cve/CVE-2024-0567"
},
{
"name": "RHBZ#2258544",
"tags": [
"issue-tracking",
"x_refsource_REDHAT"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2258544"
},
{
"url": "https://gitlab.com/gnutls/gnutls/-/issues/1521"
},
{
"url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-January/004841.html"
}
],
"timeline": [
{
"lang": "en",
"time": "2024-01-16T00:00:00.000Z",
"value": "Reported to Red Hat."
},
{
"lang": "en",
"time": "2024-01-16T00:00:00.000Z",
"value": "Made public."
}
],
"title": "Gnutls: rejects certificate chain with distributed trust",
"workarounds": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
],
"x_redhatCweChain": "CWE-347: Improper Verification of Cryptographic Signature"
}
},
"cveMetadata": {
"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
"assignerShortName": "redhat",
"cveId": "CVE-2024-0567",
"datePublished": "2024-01-16T14:01:59.178Z",
"dateReserved": "2024-01-16T04:02:22.392Z",
"dateUpdated": "2025-11-20T18:09:19.787Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
Loading…
Trend slope:
-
(linear fit over daily sighting counts)
Show additional events:
Loading…
Experimental. This forecast is provided for visualization only and may change without notice. Do not use it for operational decisions.
Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…