CLSA-2026-1776965055 Fix CVE(s): CVE-2025-32988, CVE-2025-32990

SECURITY UPDATE: heap buffer overflow in certtool template parsing - debian/patches/CVE-2025-32990.patch: use callocMAXENTRIES + 1 instead of mallocMAXENTRIES in READMULTILINE and READMULTILINETOKENIZED macros in src/certtool-cfg.c. - CVE-2025-32990 SECURITY UPDATE: double free when exporting...

EulerOS Virtualization 2.12.0 : gnutls (EulerOS-SA-2026-1485)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in the GnuTLS library, specifically in the gnutlspkcs11tokeninit function that handles PKCS11 token initialization...

Inefficient Algorithmic Complexity

Overview Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity in the certtool --verify command. An attacker can cause excessive CPU and memory consumption by submitting specially crafted certificates containing a large number of SANs and Name Constraints...

EulerOS Virtualization 2.10.1 : gnutls (EulerOS-SA-2026-1118)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of...

Azure Linux 3.0 Security Update: gnutls (CVE-2024-28835)

The version of gnutls installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-28835 advisory. - A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a...

MiracleLinux 8 : gnutls-3.6.16-8.el8_10.4.ML.1 (AXSA:2025-10938:05)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10938:05 advisory. gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS otherName SAN export CVE-2025-32988 gnutls...

MiracleLinux 4 : gnutls-2.8.5-18.AXS4 (AXSA:2015-329:01)

The remote MiracleLinux 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-329:01 advisory. GnuTLS is a project that aims to develop a library which provides a secure layer, over a reliable transport layer. Currently the GnuTLS library...

MiracleLinux 9 : gnutls-3.8.3-6.el9_6.2 (AXSA:2025-10868:03)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10868:03 advisory. gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS SCT extension parsing CVE-2025-32989 gnutl...

EulerOS Virtualization 2.13.0 : gnutls (EulerOS-SA-2025-2576)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of...

EulerOS Virtualization 2.13.1 : gnutls (EulerOS-SA-2025-2541)

According to the versions of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: gnutls (UTSA-2025-991091)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-991091 advisory. A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings fro...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-7.3.1.2)

The version of AOS installed on the remote host is prior to 7.3.1.2. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-7.3.1.2 advisory. - A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool...

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: gnutls (UTSA-2025-990961)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990961 advisory. A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings fro...

Siemens SIMATIC S7-1500 Uncaught Exception (CVE-2024-28835)

A flaw has been discovered in GnuTLS where an application crash can be induced when attempting to verify a specially crafted .pem bundle using the certtool --verify-chain command. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information...

Astra Linux – Vulnerability in gnutls28

A heap-buffer-overflow off-by-one flaw was discovered in the GnuTLS software during the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption a...

EulerOS 2.0 SP13 : gnutls (EulerOS-SA-2025-2259)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads...

EulerOS 2.0 SP13 : gnutls (EulerOS-SA-2025-2291)

According to the versions of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads...

Alibaba Cloud Linux 3 : 0163: gnutls (ALINUX3-SA-2025:0163)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2025:0163 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2025-32988: A flaw was found in GnuTLS...

AlmaLinux 8 : gnutls (ALSA-2025:17415)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:17415 advisory. gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS otherName SAN export CVE-2025-32988 gnutls: NULL...

RLSA-2025:16116 Moderate: gnutls security, bug fix, and enhancement update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS SCT extension...