CVE-2008-1948
CWE-189Published: May 21, 2008· Updated: Jun 16, 2026
Official Description
The _gnutls_server_name_recv_params function in lib/ext_server_name.c in libgnutls in gnutls-serv in GnuTLS before 2.2.4 does not properly calculate the number of Server Names in a TLS 1.0 Client Hello message during extension handling, which allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a zero value for the length of Server Names, which leads to a buffer overflow in session resumption data in the pack_security_parameters function, aka GNUTLS-SA-2008-1-1.
Technical Analysis
CVE-2008-1948 can be exploited remotely over the network without requiring physical or adjacent access, significantly expanding the attack surface for threat actors.
Exploitation requires some privileges, which limits the exposure to scenarios where an attacker has already gained initial access.
CVSS v3.1 Vector Breakdown
Affected Vendors & Products
Exploit & PoC Resources
Official Patches & Advisories
All References (80)
Quick Facts
Related CVEs (CWE-189)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2008-1948 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts