A flaw was found in GnuTLS. The `gnutls_pkcs11_token_set_pin` function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path.
Credits
Red Hat would like to thank Joshua Rogers (AISLE Research Team) and Luigino Camastra for reporting this issue.
