22 matches found
JLSEC-2026-527
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it do...
Astra Linux – Vulnerability in gnutls28
A flaw was discovered in GnuTLS. There exists a double-free vulnerability in GnuTLS due to incorrect handling of ownership in the export logic of Subject Alternative Name (SAN) entries that contain an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an...
CLSA-2026-1776965055 Fix CVE(s): CVE-2025-32988, CVE-2025-32990
SECURITY UPDATE: heap buffer overflow in certtool template parsing - debian/patches/CVE-2025-32990.patch: use calloc(MAX_ENTRIES + 1) instead of malloc(MAX_ENTRIES) in READ_MULTI_LINE and READ_MULTI_LINE_TOKENIZED macros in src/certtool-cfg.c. - CVE-2025-32990 SECURITY UPDATE: double free when exporting...
GnuTLS Vulnerable to Memory Corruption via Double-Free upon Error when Exporting 'otherName' in SAN
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it do...
CVE-2025-66220
Envoy is a high-performance edge/middle/service proxy. In 1.33.12, 1.34.10, 1.35.6, 1.36.2, and earlier, Envoy’s mTLS certificate matcher for match_typed_subject_alt_names may incorrectly treat certificates containing an embedded null byte (\0) inside an OTHERNAME SAN value as valid matches...
Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gnutls (UTSA-2025-990959)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990959 advisory. A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN)...
Siemens SIMATIC S7-1500 Double Free (CVE-2025-32988)
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it do...
Moderate: Red Hat Security Advisory: gnutls security, bug fix, and enhancement update
An update for gnutls is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the...
ALSA-2025:17415 Moderate: gnutls security, bug fix, and enhancement update
The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Vulnerability in GnuTLS certtool template parsing (CVE-2025-32990) gnutls: Vulnerability in GnuTLS otherName SAN...
Moderate: gnutls security, bug fix, and enhancement update
The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Vulnerability in GnuTLS certtool template parsing (CVE-2025-32990) gnutls: Vulnerability in GnuTLS otherName SAN...
gnutls: Vulnerability in GnuTLS otherName SAN export
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it do...
CLSA-2025-1759247437 gnutls: Fix of 2 CVEs
CVE-2025-32990: fix memory corruption when parsing a template file - CVE-2025-32988: fix double-free vulnerability in export logic of Subject Alternative Name (SAN) entries containing an otherName...
gnutls: Vulnerability in GnuTLS otherName SAN export
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it do...
ALSA-2025:16116 Moderate: gnutls security, bug fix, and enhancement update
The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Vulnerability in GnuTLS certtool template parsing (CVE-2025-32990) gnutls: Vulnerability in GnuTLS SCT extension...
Security update for gnutls
This update for gnutls fixes the following issues: CVE-2025-32988: Fixed double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName (bsc#1246232). CVE-2025-32989: Fixed heap buffer overread when handling the CT SCT extension during X.509 certificate...
SUSE-SU-2025:02589-1 Security update for gnutls
This update for gnutls fixes the following issues: - CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK (bsc#1246299) - CVE-2025-32988: Fix double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName (bsc#1246232) - CVE-2025-32989:...
SUSE-SU-2025:02583-1 Security update for gnutls
This update for gnutls fixes the following issues: - CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK (bsc#1246299) - CVE-2025-32988: Fix double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName (bsc#1246232) - CVE-2025-32990:...
SUSE CVE-2025-32988
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it do...
AZL-65106 CVE-2025-32988 affecting package gnutls for versions less than 3.8.3-6
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it do...
AZL-65085 CVE-2025-32988 affecting package gnutls for versions less than 3.7.11-4
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it do...