7erry created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1759
## [CVE-2021-4209](https://nvd.nist.gov/vuln/detail/CVE-2021-4209) `wrap_nettle_hash_fast` in `lib/nettle/mac.c` once caused NULL Pointer Dereference reported as CVE-2021-4209 and was fixed in Commit 3db3527 ## Similar issues Each of the following functions contains a similar logic - `wrap_aarch64_hmac_fast` in `lib/accelerated/aarch64/hmac-sha-aarch64.c` - `wrap_aarch64_hash_fast` in `lib/accelerated/aarch64/sha-aarch64.c` - `wrap_x86_hmac_fast` in `lib/accelerated/x86/hmac-x86-ssse3.c` - `wrap_x86_hash_fast` in `lib/accelerated/x86/sha-x86-ssse3.c` - `wrap_nettle_mac_fast` in `lib/nettle/mac.c` Would it make sense to fix them in the same way Commit 3db3527 did? Thank you for spending your time reading this issue. Apologies if I missed anything.`` -- Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1759 You're receiving this email because of your account on gitlab.com.
_______________________________________________ Gnutls-devel mailing list [email protected] http://lists.gnupg.org/mailman/listinfo/gnutls-devel
