4455 matches found
gnutls security, bug fix, and enhancement update
3.8.3-6.2 - keyupdate: rework the rekeying logic RHEL-107498 3.8.3-6.1 - Fix CVE-2025-32988, CVE-2025-32989, CVE-2025-32990, and CVE-2025-6395...
Moderate: Red Hat Security Advisory: gnutls security, bug fix, and enhancement update
An update for gnutls is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...
gnutls: Vulnerability in GnuTLS SCT extension parsing
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite()
A NULL pointer dereference flaw was found in the GnuTLS software in gnutlsfigurecommonciphersuite...
gnutls: Vulnerability in GnuTLS otherName SAN export
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...
gnutls: Vulnerability in GnuTLS certtool template parsing
A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...
gnutls: Vulnerability in GnuTLS certtool template parsing
A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...
gnutls: Vulnerability in GnuTLS SCT extension parsing
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...
Moderate: Red Hat Security Advisory: gnutls security, bug fix, and enhancement update
An update for gnutls is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
gnutls: Vulnerability in GnuTLS otherName SAN export
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...
gnutls: NULL pointer dereference in _gnutls_figure_common_ciphersuite()
A NULL pointer dereference flaw was found in the GnuTLS software in gnutlsfigurecommonciphersuite...
GnuTLS: Multiple Vulnerabilities
Background GnuTLS is a secure communications library implementing the SSL, TLS, and DTLS protocols Description Multiple vulnerabilities have been discovered in GnuTLS. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details...
RHEL 10 : gnutls (RHSA-2025:16115)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16115 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such ...
ALSA-2025:16115 Moderate: gnutls security, bug fix, and enhancement update
The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS SCT extension...
RHEL 9 : gnutls (RHSA-2025:16116)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16116 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such a...
ALSA-2025:16116 Moderate: gnutls security, bug fix, and enhancement update
The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS SCT extension...
Moderate: gnutls security, bug fix, and enhancement update
The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Vulnerability in GnuTLS certtool template parsing CVE-2025-32990 gnutls: Vulnerability in GnuTLS SCT extension...
CLSA-2025-1758025991 gnutls: Fix of CVE-2025-32990
CVE-2025-32990: fix memory corruption in when parsing a template file...
CLSA-2025-1758022501 gnutls: Fix of CVE-2025-32990
CVE-2025-32990: fix memory corruption in when parsing a template file...
CLSA-2025-1758022425 gnutls: Fix of CVE-2025-32990
CVE-2025-32990: fix memory corruption in when parsing a template file...