CVE-2022-2509: Double-free in GnuTLS find_signer() during PKCS7 cert chain verification
CVE-2022-2509 is a double-free memory corruption in GnuTLS (versions up to 3.7.6) triggered during PKCS#7 signature verification via gnutls_pkcs7_verify(). The bug lives in the static function find_signer() in lib/x509/pkcs7.c.

When direct trust-list verification of the found signer certificate fails, find_signer() attempts to construct a chain by walking up the certificates embedded in the PKCS#7 structure. In the do-while loop (lines 1312-1325), the 'prev' pointer is set to 'issuer', which initially equals 'signer'. When a self-signed (root) CA is found as the immediate issuer (gnutls_x509_crt_check_issuer returns true when a certificate is its own issuer), the code calls gnutls_x509_crt_deinit(prev), which frees 'signer' because prev == signer at that point. However, the 'signer' variable is never set to NULL. When the subsequent trust verification of the root CA also fails and control jumps to the 'fail:' label, 'if (signer != NULL)' evaluates true on the dangling pointer, and gnutls_x509_crt_deinit(signer) is called a second time on the already-freed memory.
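The aliasing pattern behind the bug, modelled as an added example (this is not GnuTLS's find_signer(); the cert_t type, verify_signer(), trusted() and the hop array are hypothetical). A release counter stands in for free(), so the vulnerable walk shows the signer released twice while the hardened walk, which clears the alias, releases it once:

```c
#include <stdbool.h>
#include <stddef.h>

/* Hypothetical model of the aliasing bug described above; this is added
 * example code, not GnuTLS's find_signer(). A certificate records whether it
 * is self-signed and trusted, plus how many times it has been released. The
 * counter stands in for free(): a count of 2 is the double free, observed
 * without actually corrupting the heap. */
typedef struct { bool self_signed; bool trusted; int releases; } cert_t;

static void crt_deinit(cert_t *c) { if (c) c->releases++; }
static bool trusted(const cert_t *c) { return c->trusted; }

/* Walk from 'signer' up through 'hops' to a self-signed root, releasing each
 * hop once its issuer is known. 'fixed' selects the hardened variant that
 * clears the 'signer' alias when the object behind it is released.
 * Returns 0 on success, -1 on failure. */
static int verify_signer(cert_t *signer, cert_t *hops[], size_t nhops, bool fixed)
{
    cert_t *issuer = signer, *prev;
    size_t i = 0;
    int ret = -1;

    if (trusted(signer)) { ret = 0; goto done; }      /* direct trust */

    do {
        prev = issuer;
        issuer = (i < nhops) ? hops[i++] : NULL;
        if (issuer == NULL) goto done;                 /* chain incomplete */
        crt_deinit(prev);             /* on the first pass prev == signer */
        if (fixed && prev == signer) signer = NULL;    /* drop the alias */
    } while (!issuer->self_signed);

    ret = trusted(issuer) ? 0 : -1;                    /* root trust check */
    crt_deinit(issuer);
done:
    /* shared cleanup label: with a dangling alias this is the 2nd release */
    if (signer != NULL) crt_deinit(signer);
    return ret;
}

/* Scenario from the advisory: signer -> untrusted self-signed root.
 * Returns how many times the signer object was released (2 = double free). */
int signer_release_count(bool fixed)
{
    cert_t signer = { false, false, 0 }, root = { true, false, 0 };
    cert_t *hops[] = { &root };
    verify_signer(&signer, hops, 1, fixed);
    return signer.releases;
}
```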