CVE-2013-1663[1] is a possible remote DOS attack issue. This issue has been fixed[2] in >=GNUTLS-3.0.14. I hacked on it for hours and figure out a few prerequisites could make it vulnerable: ============================= REQUIRED: - prior to GNUTLS 3.0.14 - crafted certificate ============================= Attacking SCENES - a client import a crafted cert file for sending req to server( CA?) - a "server" import a crafted cert file for sending req to other server( CA?) ---> With high frequency uses above manipulations Stand on the client side, the attacker should try to construct a crafted certificate for triggering the below function fails: ret = gnutls_pubkey_import_x509(pcert->pubkey, crt, 0); if (ret < 0) { gnutls_pubkey_deinit(pcert->pubkey); /* pcert->pubkey should be NULL now */ ret = gnutls_assert_val(ret); goto cleanup; } I made up two crafted cert files( client.pem, client2.pem) seems would trigger the double free issue in client's side. Warning: Don't try it on your host machine because it would cost too much memory then makes your machine very slow. shawn@sl13:~/gnutls_compile_uses/CVE-2012-1663$ ./ex-serv-x509 processing server set to null? Server ready. Listening to port '5556'. shawn@sl13:~/gnutls_compile_uses/CVE-2012-1663$ ./attack.sh ................ ................. ................... Another terminal: killall client Test platform: Slackware 13.37 + GNUTLS-3.0.13 [1] http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-1663 [2] Upstream fix http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=9c62f4feb2bdd6fbbb06eb0c60bfdea80d21bbb8 -- GNU powered it... GPL protect it... God blessing it...