gnutls-3.8.3-10.el9_7
エラータID: AXSA:2026-285:01
The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.
Security Fix(es):
* gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function (CVE-2025-9820)
* gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification (CVE-2025-14831)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-14831
A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).
CVE-2025-9820
A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.
Update packages.
A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).
A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.
N/A
SRPMS
- gnutls-3.8.3-10.el9_7.src.rpm
MD5: 2231a4df8db810eb131910fe79339c9b
SHA-256: fdc7d4bbc7f59ffe99b155badab0047a92043d9ecb9dc3ec4b0ea45095f05f51
Size: 8.22 MB
Asianux Server 9 for x86_64
- gnutls-3.8.3-10.el9_7.i686.rpm
MD5: c3f48d9648e505533f1c4cccbe97e858
SHA-256: 37fed113d3961009ff3c00b4e0046986e1a426d42ed9f82a95d003b12bd3783a
Size: 1.07 MB - gnutls-3.8.3-10.el9_7.x86_64.rpm
MD5: 5fc04801591c8f4954d6a4fc670a72c7
SHA-256: e78255cd23d264bbd8a1dc7d5e8a3dda1ebd6c82246d68ba785078adf02f9ee1
Size: 1.08 MB - gnutls-c++-3.8.3-10.el9_7.i686.rpm
MD5: 3296de786b50ae2ee92af0b01e11630a
SHA-256: 52a79f734fc905e0209d66ecdec439bd1d7de1f71c5660122a7db97dd4e470cf
Size: 29.21 kB - gnutls-c++-3.8.3-10.el9_7.x86_64.rpm
MD5: 5833286f731c3101ca6e3098bf600567
SHA-256: a7f8c4507861afe2dd68fd4b49c67e0910068cbfea91987827fcc1a31887c3b1
Size: 28.08 kB - gnutls-dane-3.8.3-10.el9_7.i686.rpm
MD5: dbfe39e2b1d92f17cfad9007c9d62ce4
SHA-256: 2777ab650ed27d4db9e3d9a69d563ef3d4ff5d546dadfae67251c3a194e7c856
Size: 17.75 kB - gnutls-dane-3.8.3-10.el9_7.x86_64.rpm
MD5: 713b32b4efe6f95b1ce5c373205652b4
SHA-256: c2de4139a21bd5e79790a083bd84ae68d4bda157ef26aa7c32211b1eb25b4bf0
Size: 17.70 kB - gnutls-devel-3.8.3-10.el9_7.i686.rpm
MD5: 5e7d65c5e8d94ce6c6bc5f75f80fc375
SHA-256: aa72ab8fa94d47bfde51d5004975e0ae4944bbb7368580f1aaebf40d83f466e3
Size: 2.45 MB - gnutls-devel-3.8.3-10.el9_7.x86_64.rpm
MD5: b41cecbbd86e9e89b7a985bfda12970b
SHA-256: 9cfac1cf43f5bff9a361f82be1946a2584b68b5de4fcc746135393148fa6ddb5
Size: 2.45 MB - gnutls-utils-3.8.3-10.el9_7.x86_64.rpm
MD5: 43c89409bab5ec62d94b0315415e3811
SHA-256: 44dd44c16270a18798991065d7ec369fc5c56d0b75e9ef1706d4a45c13161684
Size: 287.83 kB