CLSA-2025-1759335207 gnutls: Fix of CVE-2025-32990

CVE-2025-32990: fix heap-buffer-overflow issue in template parsing logic within certtool utility...

CLSA-2025-1759334959 gnutls: Fix of CVE-2025-32990

CVE-2025-32990: fix heap-buffer-overflow flaw in template parsing logic to prevent OOB NULL pointer write and memory corruption...

CLSA-2025-1759334361 gnutls: Fix of CVE-2025-32990

CVE-2025-32990: fix heap-buffer-overflow flaw in template parsing logic to prevent OOB NULL pointer write and memory corruption...

CLSA-2025-1759247437 gnutls: Fix of 2 CVEs

CVE-2025-32990: fix memory corruption in when parsing a template file - CVE-2025-32988: fix double-free vulnerability in export logic of Subject Alternative Name SAN entries containing an otherName...

gnutls: Vulnerability in GnuTLS certtool template parsing

A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...

gnutls: Vulnerability in GnuTLS certtool template parsing

A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory corruption and a...

RHEL 9 : gnutls (RHSA-2025:16116)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2025:16116 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such a...

CLSA-2025-1758022425 gnutls: Fix of CVE-2025-32990

CVE-2025-32990: fix memory corruption in when parsing a template file...

USN-7742-1 gnutls28 vulnerabilities

It was discovered that GnuTLS incorrectly handled exporting Subject Alternative Name SAN entries containing an otherName. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LT...

USN-7742-1: GnuTLS vulnerabilities

It was discovered that GnuTLS incorrectly handled exporting Subject Alternative Name SAN entries containing an otherName. A remote attacker could use this issue to cause GnuTLS to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 18.04 LT...

MGASA-2025-0225 Updated gnutls packages fix vulnerabilities

null pointer dereference in gnutlsfigurecommonciphersuite. CVE-2025-6395 Vulnerability in gnutls othername san export. CVE-2025-32988 Vulnerability in gnutls sct extension parsing. CVE-2025-32989 Vulnerability in gnutls certtool template parsing. CVE-2025-32990...

Updated gnutls packages fix vulnerabilities

null pointer dereference in gnutlsfigurecommonciphersuite. CVE-2025-6395 Vulnerability in gnutls othername san export. CVE-2025-32988 Vulnerability in gnutls sct extension parsing. CVE-2025-32989 Vulnerability in gnutls certtool template parsing. CVE-2025-32990...

OESA-2025-2084 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

Linux Distros Unpatched Vulnerability : CVE-2024-9367

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in GitLab CE/EE affecting all versions starting from 13.9 before 17.4.6, 17.5 before 17.5.4, and 17.6 before 17.6.2, that allows an...

Medium: gnutls

Issue Overview: A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds OOB NULL pointer write, resulting in memory...

Amazon Linux 2 : gnutls (ALAS-2025-2969)

The version of gnutls installed on the remote host is prior to 3.3.29-9. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2969 advisory. A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility...

Medium: gnutls

Issue Overview: A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name SAN entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1deletestructure on an...

OESA-2025-2007 gnutls security update

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, and other...

CVE-2025-8844 NASM Netwide Assember preproc.c parse_smacro_template null pointer dereference

A vulnerability was determined in NASM Netwide Assember 2.17rc0. This vulnerability affects the function parsesmacrotemplate of the file preproc.c. The manipulation leads to null pointer dereference. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used...

Linux Distros Unpatched Vulnerability : CVE-2025-32990

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-buffer-overflow off-by-one flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain setting...