CVE-2025-32990

A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...

AZL-65091 CVE-2025-32990 affecting package gnutls for versions less than 3.7.11-4

A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...

ALPINE-CVE-2025-32990

A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...

CVE-2025-32990

A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...

AZL-65100 CVE-2025-32990 affecting package gnutls for versions less than 3.8.3-6

A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...

UBUNTU-CVE-2025-32990

A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...

CVE-2025-32990

A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...

CVE-2025-32990 Gnutls: vulnerability in gnutls certtool template parsing

A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...

CVE-2025-32990

CVE-2025-32990 is a GnuTLS issue affecting certtool template parsing. A heap-buffer-overflow (off-by-one) can cause an out-of-bounds write to a NULL pointer, leading to memory corruption and a potential denial-of-service. The connected advisories confirm the vulnerability in GnuTLS and reference ...

CVE-2025-32990 Gnutls: vulnerability in gnutls certtool template parsing

A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...

AZL-65103 CVE-2025-32989 affecting package gnutls for versions less than 3.8.3-6

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

AZL-65106 CVE-2025-32988 affecting package gnutls for versions less than 3.8.3-6

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

DEBIAN-CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

DEBIAN-CVE-2025-32988

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

AZL-65085 CVE-2025-32988 affecting package gnutls for versions less than 3.7.11-4

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

CVE-2025-32988

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

ALPINE-CVE-2025-32988

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an ASN.1 node it do...

CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...

ALPINE-CVE-2025-32989

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency CT Signed Certificate Timestamp SCT extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension OID...