Oracle Linux 8 : gnutls (ELSA-2026-20611)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-20611 advisory. - Fix CVE-2026-33846 DTLS fragment reassembly, High, heap overwrite - Fix CVE-2026-42009 DTLS fragment reassembly, High, undefined behaviour - Fix...

RockyLinux 9 : gnutls (RLSA-2026:20612)

The remote RockyLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:20612 advisory. gnutls: Fix qsort comparator in DTLS reassembly CVE-2026-42009 gnutls: Fix crashing on an underflow with a DTLS datagram CVE-2026-33845 gnutls: Fix...

gnutls security update

An update is available for gnutls. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The gnutls packages provide the GNU Transport Layer Security GnuTLS library,...

RLSA-2026:20612 Important: gnutls security update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Fix qsort comparator in DTLS reassembly CVE-2026-42009 gnutls: Fix crashing on an underflow with a DTLS datagram...

Security update for gnutls

This update for gnutls fixes the following issues CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short ciphertexts bsc1263715. CVE-2026-5419: gnutlscipherdecrypt3: make PKCS7 unpadding branch...

SUSE-SU-2026:2115-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. - CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short ciphertexts bsc1263715. - CVE-2026-5419: gnutlscipherdecrypt3: make PKCS7 unpadding...

RLSA-2026:20611 Important: gnutls security update

Please update the gnutls packages to provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: Add more checks to DTLS reassembly CVE-2026-33846 gnutls: Fix qsort comparator in DTLS reassemb...

gnutls security update

An update is available for gnutls. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Please update the gnutls packages to provide the GNU Transport Layer Security...

SUSE SLES15 Security Update : gnutls (SUSE-SU-2026:2087-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2087-1 advisory. This update for gnutls fixes the following issues - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive...

MiracleLinux 8 : gnutls-3.6.16-8.el8_10.6.ML.1 (AXSA:2026-729:16)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-729:16 advisory. gnutls: Add more checks to DTLS reassembly CVE-2026-33846 gnutls: Fix qsort comparator in DTLS reassembly CVE-2026-42009 gnutls: Fix crashing on an...

RockyLinux 8 : gnutls (RLSA-2026:20611)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2026:20611 advisory. gnutls: Add more checks to DTLS reassembly CVE-2026-33846 gnutls: Fix qsort comparator in DTLS reassembly CVE-2026-42009 gnutls: Fix crashing on an...

Security update for gnutls

This update for gnutls fixes the following issues CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short ciphertexts bsc1263715. CVE-2026-33845: buffers: switch from endoffset over to fraglength...

SUSE-SU-2026:2087-1 Security update for gnutls

This update for gnutls fixes the following issues - CVE-2026-3833: x509/name-constraints: compare domain names case-insensitive bsc1263707. - CVE-2026-5260: lib/pkcs11privkey: guard against overreading on short ciphertexts bsc1263715. - CVE-2026-33845: buffers: switch from endoffset over to...

AlmaLinux 8 : gnutls (ALSA-2026:20611)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:20611 advisory. gnutls: Add more checks to DTLS reassembly CVE-2026-33846 gnutls: Fix qsort comparator in DTLS reassembly CVE-2026-42009 gnutls: Fix crashing on an...

Botan 安全漏洞

Botan is a C++ encryption library developed by Jack Lloyd as an individual project. Versions of Botan prior to 3.12.0 contained security vulnerabilities. These vulnerabilities were caused byBER data, which led to reassembly behavior by the parser, potentially resulting in denial-of-service attack...

CVE-2026-48131 VPND IKE Fragment Reassembly - Heap Out-of-Bounds Write via Sequence Number Zero

The VPN service may mishandle an unexpected IKE fragment value received on the IKE port 500/UDP during the early stage of a connection attempt. This can cause the service to terminate unexpectedly, resulting in denial of service temporary disruption of VPN-related functionality...

CVE-2026-48131

CVE-2026-48131 concerns a VPN service handling of an unexpected IKE fragment value received on UDP/500 during early connection. The connected CVE data from CVELIST explicitly identifies the root cause as a Heap Out-of-Bounds Write via Sequence Number Zero during IKE fragment reassembly. This issu...

Important: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

gnutls: GnuTLS: Denial of Service via heap buffer overflow in DTLS handshake fragment reassembly

A heap buffer overflow vulnerability exists in the DTLS handshake fragment reassembly logic of GnuTLS. The issue arises in mergehandshakepacket where incoming handshake fragments are matched and merged based solely on handshake type, without validating that the messagelength field remains...

Important: Red Hat Security Advisory: gnutls security update

An update for gnutls is now available for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...