gnutls-3.6.16-8.el8_10.5.ML.1
エラータID: AXSA:2026-360:02
The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.
Security Fix(es):
* gnutls: Stack-based Buffer Overflow in gnutls_pkcs11_token_init() Function (CVE-2025-9820)
* gnutls: GnuTLS: Denial of Service via excessive resource consumption during certificate verification (CVE-2025-14831)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
CVE-2025-14831
A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).
CVE-2025-9820
A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.
Update packages.
A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).
A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.
N/A
SRPMS
- gnutls-3.6.16-8.el8_10.5.ML.1.src.rpm
MD5: 9930ecd37ce361ebd19d2f085028ae81
SHA-256: 4c5a433ee3ee748cde12afd19b82d079bada81db75a31cdd23c01c2e55da47e1
Size: 5.53 MB
Asianux Server 8 for x86_64
- gnutls-3.6.16-8.el8_10.5.ML.1.i686.rpm
MD5: dc3427d366c7e9597eb87bd7833bf09f
SHA-256: 01bc352bfba1267f982aca64b1221c85f8f51c2422453ff71da76ff4634f4bf3
Size: 1.01 MB - gnutls-3.6.16-8.el8_10.5.ML.1.x86_64.rpm
MD5: 23cd155c24cc2c95a268aee7e8c9f8b3
SHA-256: d89003cb3c8c1aa565444bdd88210204ac8928913b192f14855a0715aa3dd42f
Size: 1.00 MB - gnutls-c++-3.6.16-8.el8_10.5.ML.1.i686.rpm
MD5: 12f0bdbb955f78db4237e1befe997628
SHA-256: 91afa9f9d74d0ba15f6ccbd80678912e4619a7ae7fa329cb9a9b267a3adc804e
Size: 49.96 kB - gnutls-c++-3.6.16-8.el8_10.5.ML.1.x86_64.rpm
MD5: 1ae60df209f41c320be36f0af67d6a91
SHA-256: 20d2b7e84fef2605148e2fb859b5398d3ed59fbb5c45415e84c8a1bd90ed201f
Size: 48.90 kB - gnutls-dane-3.6.16-8.el8_10.5.ML.1.i686.rpm
MD5: e7e836b488fc0080e97a0b299dc77b16
SHA-256: 636285b9fce9f4f91cb47ff21156e3a806149db3a05c910f2bda07a195556a8e
Size: 53.19 kB - gnutls-dane-3.6.16-8.el8_10.5.ML.1.x86_64.rpm
MD5: 6dcf900bce22a30b2fdea6d2ca2a3fc0
SHA-256: 9d1a07c13427a93eb8b45480b44091894211ece0f07e84bd1779286eb8ccc929
Size: 52.30 kB - gnutls-devel-3.6.16-8.el8_10.5.ML.1.i686.rpm
MD5: 4990b8e6e4e99a380f347b63a794cf7b
SHA-256: 64b382024bf2efad6a55bddc7db88c4b37d4e30af43feb9f5e91f8023e0aedfa
Size: 2.18 MB - gnutls-devel-3.6.16-8.el8_10.5.ML.1.x86_64.rpm
MD5: 8f1cf55f6f42a3aa9b4b340a63defe4f
SHA-256: cadcc0e73426d2dd3d5da355aa5d5aebd0ed678b9ee60f4588fc70ef3a901299
Size: 2.18 MB - gnutls-utils-3.6.16-8.el8_10.5.ML.1.x86_64.rpm
MD5: 4dd8d07a41ebb6f1d4db9008ae8bace6
SHA-256: 9fddd1c351a4ba977cb0dd47f6db066bd736206304334c4bf3c011ea63f43444
Size: 348.93 kB