Moderate: Red Hat Security Advisory: gnutls security update
An update for gnutls is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification
A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs)...
gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function
A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the applicatio...
gnutls security update
3.8.10-3 - Fix CVE-2025-9820, CVE-2025-14831, drop unused patches - Fix PKCS#11 token initialization label overflow (CVE-2025-9820) - Fix name constraint processing performance issue (CVE-2025-14831) - Drop unused patches...
ALSA-2026:3477 Moderate: gnutls security update
The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function (CVE-2025-9820) gnutls: GnuTLS: Denial of Service vi...
PT-2026-36155
Name of the Vulnerable Software and Affected Versions: gnutls (affected versions not specified). Description: A flaw exists where case-sensitive comparisons are performed on nameConstraints labels, specifically for dNSName (DNS) or rfc822Name (email) constraints within excludedSubtrees or permittedSubtree...
PT-2026-36154
Name of the Vulnerable Software and Affected Versions: gnutls (affected versions not specified). Description: A logic error exists in how the software processes multi-record Online Certificate Status Protocol (OCSP) responses—a protocol used to check the revocation status of digital certificates. A remo...
Mageia: Security Advisory (MGASA-2026-0045)
The remote host is missing an update for the...
MGASA-2026-0045 Updated gnutls packages fix security vulnerability
Denial of service via excessive resource consumption during certificate verification. CVE-2025-14831...
Updated gnutls packages fix security vulnerability
Denial of service via excessive resource consumption during certificate verification. CVE-2025-14831...
GnuTLS X.509 Name Constraints Denial of Service
This program is a multi-threaded test application created to analyze the impact of excessive X.509 Name Constraints processing in vulnerable versions of GnuTLS (CVE-2025-14831). It generates a configurable certificate chain and attaches a very large number of Name Constraints and Subject Alternativ...
Debian: Security Advisory (DSA-6140-1)
The remote host is missing an update for the Debian...
DSA-6140-1 gnutls28 - security update
Bulletin has no description...
Debian dsa-6140 : gnutls-bin - security update
The remote Debian 12 / 13 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-6140 advisory. Debian Security Advisory DSA-6140-1...
Slackware: Security Advisory (SSA:2026-042-01)
The remote host is missing an update for the...
Ubuntu: Security Advisory (USN-8043-1)
The remote host is missing an update for the...
Slackware Linux 15.0 / current gnutls Multiple Vulnerabilities (SSA:2026-042-01)
The version of gnutls installed on the remote host is prior to 3.8.12. It is, therefore, affected by multiple vulnerabilities as referenced in the SSA:2026-042-01 advisory. New gnutls packages are available for Slackware 15.0 and -current to fix security issues. Tenable has extracted the precedin...
Ubuntu 22.04 LTS / 24.04 LTS / 25.10 : GnuTLS vulnerabilities (USN-8043-1)
The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8043-1 advisory. Tim Scheckenbach discovered that GnuTLS incorrectly handled malicious certificates containing a large number of name constraints and...
USN-8043-1: GnuTLS vulnerabilities
Tim Scheckenbach discovered that GnuTLS incorrectly handled malicious certificates containing a large number of name constraints and subject alternative names. A remote attacker could possibly use this issue to cause GnuTLS to consume resources, resulting in a denial of service. CVE-2025-14831...
USN-8043-1 gnutls28 vulnerabilities
Tim Scheckenbach discovered that GnuTLS incorrectly handled malicious certificates containing a large number of name constraints and subject alternative names. A remote attacker could possibly use this issue to cause GnuTLS to consume resources, resulting in a denial of service. CVE-2025-14831...