gnutls-3.8.3-6.el9_6.2
Errata ID: AXSA:2025-10868:03
Release date:
2025/09/19 Friday - 17:38
Title:
gnutls-3.8.3-6.el9_6.2
Affected channels:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
The following issues have been addressed.
[Security Fix]
- GnuTLS contains a double-free of a memory region, which allows a remote attacker to cause a denial of service and memory corruption. (CVE-2025-32988)
- GnuTLS has a flaw in its certificate verification processing, which allows a remote attacker to disclose information. (CVE-2025-32989)
- The template parsing logic in the GnuTLS certtool utility has a heap-based buffer overflow, which allows a remote attacker to cause memory corruption and a denial of service. (CVE-2025-32990)
- GnuTLS contains a NULL pointer dereference, which allows a remote attacker to cause data corruption and a denial of service. (CVE-2025-6395)
Solution:
Update the packages.
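A post-update check, added here and not part of the advisory: it reimplements rpm's label comparison in Python and lists gnutls subpackages whose installed version-release is still below the fixed build 3.8.3-6.el9_6.2. The `rpm -qa` query format named in the docstring, the assumption that the packages carry no epoch, and the sample query output are constructed for this example.

```python
import re

# Fixed build named in this advisory: gnutls-3.8.3-6.el9_6.2 (epoch assumed 0)
FIXED_VERSION = "3.8.3"
FIXED_RELEASE = "6.el9_6.2"
_SEG = re.compile(r"[0-9]+|[A-Za-z]+|~")  # rpm label tokens: digits, letters, '~'

def rpmvercmp(a, b):
    """rpm-style compare: digits numerically, letters lexically, digits beat
    letters, '~' sorts below everything. Returns -1, 0 or 1."""
    sa, sb = _SEG.findall(a), _SEG.findall(b)
    for x, y in zip(sa, sb):
        if x == "~" or y == "~":
            if x != y:
                return -1 if x == "~" else 1
            continue
        if x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        if x.isdigit():
            x, y = int(x), int(y)
        if x != y:
            return -1 if x < y else 1
    if len(sa) == len(sb):
        return 0
    sign = 1 if len(sa) > len(sb) else -1
    rest = (sa if sign > 0 else sb)[min(len(sa), len(sb)):]
    return -sign if rest[0] == "~" else sign  # trailing '~' sorts lower

def is_fixed(version, release):
    """True when (version, release) is at or above the advisory's fix."""
    c = rpmvercmp(version, FIXED_VERSION)
    return c > 0 if c != 0 else rpmvercmp(release, FIXED_RELEASE) >= 0

def unpatched_gnutls(rpm_query_output):
    """Names of gnutls subpackages below the fixed EVR, given the output of
    rpm -qa 'gnutls*' --qf '%{NAME} %{VERSION} %{RELEASE}\\n'"""
    stale = []
    for line in rpm_query_output.splitlines():
        if line.strip():
            name, version, release = line.split()
            if not is_fixed(version, release):
                stale.append(name)
    return stale

# Constructed sample query output (not from a real host).
SAMPLE_QUERY = """\
gnutls 3.8.3 6.el9_6.1
gnutls-utils 3.8.3 6.el9_6.2
gnutls-dane 3.8.3 4.el9
"""
```

For the sample above, `unpatched_gnutls(SAMPLE_QUERY)` returns `['gnutls', 'gnutls-dane']`; the same comparison can be applied to any other errata by changing the two fixed constants.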
CVE:
CVE-2025-32988
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.
CVE-2025-32989
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.
CVE-2025-32990
A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system.
CVE-2025-6395
A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().
Additional information:
N/A
Download:
SRPMS
- gnutls-3.8.3-6.el9_6.2.src.rpm
MD5: dbeb20b7ee98566a73b1b0a682e3c878
SHA-256: 1eec75cea3a93a7b6527aacbe7ff527ac3147e9b424e0c6ab666e4774f5c9944
Size: 8.21 MB
Asianux Server 9 for x86_64
- gnutls-3.8.3-6.el9_6.2.i686.rpm
MD5: 85e40cd901c511fe904c32b4ca2d12ea
SHA-256: 51d6142c0137a145fdc5eac0f6a7cf40d8287af3afa8aefd0937ca97c0fe8f32
Size: 1.07 MB
- gnutls-3.8.3-6.el9_6.2.x86_64.rpm
MD5: af28e1606bfc8be6f28242651514d30d
SHA-256: 08090efa04aa324f8e2c5078a9cee936b4c8eb9ddb251a65525da8e9924dee61
Size: 1.08 MB
- gnutls-c++-3.8.3-6.el9_6.2.i686.rpm
MD5: 0c0678d25a88d35e9f30f9bf9668fdae
SHA-256: d2deb0ce9f063e85ae82ca4e47dd75da99f682ccab4f710f7e329aea55a91a6f
Size: 29.94 kB
- gnutls-c++-3.8.3-6.el9_6.2.x86_64.rpm
MD5: e90fbc70b76efed9ba9a9116eef0d2af
SHA-256: caa32ecef931b1a03c5c3934b47fc79bcc08fe3676679fdd3e83baee639ed702
Size: 28.63 kB
- gnutls-dane-3.8.3-6.el9_6.2.i686.rpm
MD5: 4cb0c6e23cd0b88b3d671e71a117599e
SHA-256: b4316f30c4a0158d1f0696acdcb3eb90d8b6ee1be087f2454cb4ff02010d4758
Size: 18.22 kB
- gnutls-dane-3.8.3-6.el9_6.2.x86_64.rpm
MD5: 94833f2169b108d299f4be63222c233d
SHA-256: baca56470702a2684f7e76ed2605b02e490dd14e9276f6a68e465e2c3a34a216
Size: 18.00 kB
- gnutls-devel-3.8.3-6.el9_6.2.i686.rpm
MD5: 038ddd9416a81c76b567012624a50edb
SHA-256: 66562824a3616f56f4214276f417ad90f3da39a39899fc85ff9b9c82bc564325
Size: 2.45 MB
- gnutls-devel-3.8.3-6.el9_6.2.x86_64.rpm
MD5: 8b0e5501b677fefa317eb37baf5ef54a
SHA-256: 22cfa483c43d36956c5e71c5dbf02d0f7cf913acca5aeefba7ac504cb6ad250e
Size: 2.45 MB
- gnutls-utils-3.8.3-6.el9_6.2.x86_64.rpm
MD5: a1b7d1054038cc6259d89890009b10c3
SHA-256: 4b4aee72e74d1de68d879d9a08b8486de34422c64a23ee818eb348d89f6c4052
Size: 290.08 kB