110 matches found
gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly
A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...
EUVD-2026-30769
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...
CVE-2026-42009
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security DTLS packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This...
OESA-2026-2335 gnutls security update
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...
OESA-2026-2334 gnutls security update
GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...
CVE-2026-42920
CVE-2026-42920 affects BIG-IP DTLS: when a Client SSL profile has Allow Dynamic Record Sizing on a UDP virtual server, undisclosed traffic can cause the Traffic Management Microkernel (TMM) to terminate, resulting in a DoS as TMM restarts. The F5 advisory notes this is a data-plane issue with rem...
PT-2026-37962
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows...
EUVD-2026-26926
A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...
GnuTLS 安全漏洞
GnuTLS is an open-source, free security communication library developed by GnuTLS that enables the implementation of SSL, TLS, and DTLS protocols. GnuTLS has a security vulnerability, which stems from the mergehandshakepacket function in the DTLS handshake reassembly logic not verifying the...
Astra Linux – Vulnerability in Erlang
In Erlang/OTP versions prior to 23.3.4.15, 24.x before 24.3.4.2, and 25.x before 25.0.2, there was a situation where Client Authentication Bypass occurred in certain client-certification scenarios for SSL, TLS, and DTLS...
Integer Underflow (Wrap or Wraparound)
Overview Affected versions of this package are vulnerable to Integer Underflow Wrap or Wraparound via the DTLS handshake parsing process. An attacker can cause an out-of-bounds read and potentially disclose sensitive memory or crash the application by sending specially crafted DTLS handshake...
pyOpenSSL: DTLS cookie callback buffer overflow
A flaw was found in pyOpenSSL. The setcookiegeneratecallback callback function can be used to generate DTLS cookies. When the callback returns a cookie string or byte sequence longer than 256 bytes, a buffer overflow can be triggered due to a missing bounds checking before copying the data to a...
EUVD-2026-21214
Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow...
Linux Distros Unpatched Vulnerability : CVE-2026-5264
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow...
CVE-2026-5264
Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overflow...
EUVD-2026-21180
In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wcAriaEncrypt is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK with no internal counter, and because the explicit IV is...
CVE-2026-5446 wolfSSL ARIA-GCM TLS 1.2/DTLS 1.2 GCM nonce reuse
In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wcAriaEncrypt is stateless and passes the caller-supplied IV verbatim to the MagicCrypto SDK with no internal counter, and because the explicit IV is...
UBUNTU-CVE-2026-26014
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.0.10 and 3.1.0 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonc...
Pion DTLS 信息泄露漏洞
Pion DTLS is an open-source implementation of the DTLS Data Transfer Layer Security Protocol based on the Go language. Versions of Pion DTLS from 1.0.0 to 3.1.0 have a vulnerability related to information leakage. This vulnerability stems from the use of random numbers for AES GCM encryption, whi...
PT-2026-7719
Name of the Vulnerable Software and Affected Versions Pion DTLS versions 1.0.0 through 3.1.0 Description Pion DTLS, a Go implementation of Datagram Transport Layer Security, is susceptible to an issue where the use of random nonce generation with AES GCM ciphers allows remote attackers to...