Apache · Apache Httpd · CVE-2023-25824
**Name of the Vulnerable Software and Affected Versions**
mod_gnutls versions 0.9.0 through 0.12.0
**Description**
mod_gnutls is a TLS module for Apache HTTPD based on GnuTLS. It did not properly fail blocking read operations on TLS connections when the transport hit timeouts. Instead, it entered an endless loop that consumed CPU resources, which could be exploited for denial-of-service attacks. If trace-level logging was enabled, the loop also produced an excessive amount of log output, consuming disk space.
**Recommendations**
Update to version 0.12.1 to fix the issue.
For users who cannot update, apply the errno fix detailed in the security advisory.
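
The failure mode in the description, as a simplified model added here (not mod_gnutls code and not the advisory's patch): it assumes the transport timeout reaches a retrying blocking read as a retryable `EAGAIN`, and the corrected variant reports a non-retryable `ETIMEDOUT` instead. All function names are hypothetical, and the `max_spins` cap exists only so the demonstration terminates.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed model: every read on this transport hits its timeout.
 * All names are hypothetical; none of this is mod_gnutls or GnuTLS code. */

/* Weak callback: reports the timeout as EAGAIN, which callers treat as
 * "nothing yet, retry" (assumed behaviour for this illustration). */
static long pull_weak(void *buf, size_t len) {
    (void)buf; (void)len;
    errno = EAGAIN;
    return -1;
}

/* Corrected callback: a timeout on a blocking read is a hard failure,
 * so it reports a non-retryable errno. */
static long pull_fixed(void *buf, size_t len) {
    (void)buf; (void)len;
    errno = ETIMEDOUT;
    return -1;
}

/* Blocking read that retries on EAGAIN/EINTR. max_spins exists only so the
 * demo terminates; a real loop has no such cap and would burn CPU forever.
 * Returns the number of pull calls made; *err gets the final errno. */
static unsigned blocking_read(long (*pull)(void *, size_t),
                              unsigned max_spins, int *err) {
    char buf[64];
    unsigned calls = 0;
    while (calls < max_spins) {
        calls++;
        if (pull(buf, sizeof buf) >= 0) { *err = 0; return calls; }
        if (errno != EAGAIN && errno != EINTR) { *err = errno; return calls; }
    }
    *err = EAGAIN; /* cap reached while still being told to retry */
    return calls;
}

int main(void) {
    int err;
    unsigned n = blocking_read(pull_weak, 100000, &err);
    printf("weak:  %u calls, errno=%d\n", n, err);
    n = blocking_read(pull_fixed, 100000, &err);
    printf("fixed: %u calls, errno=%d\n", n, err);
    return 0;
}
```

With the weak callback the loop uses every allowed iteration without making progress; with the corrected one it fails on the first call and the connection can be torn down.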