CVE-2025-32988

Published Jul 10, 2025

Last updated 3 days ago

CVSS medium 6.5
Firmware
Tls

Overview

Description
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.
Source
secalert@redhat.com
NVD status
Modified
Products
gnutls, openshift_container_platform, enterprise_linux

Risk scores

CVSS 3.1

Type
Primary
Base score
8.2
Impact score
4.2
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H
Severity
HIGH

Weaknesses

secalert@redhat.com
CWE-415

Social media

Hype score
Not currently trending

  1. ⚠️ Vulnerabilidades en productos Juniper Networks ❗ CVE-2025-32990 ❗ CVE-2025-32988 ❗ CVE-2025-23048 ➡️ Más info: https://t.co/L2IfbfV9Gr https://t.co/PWDTxfgcCA

    @CERTpy

    18 Feb 2026

    156 Impressions

    1 Retweet

    3 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 Critical GnuTLS vulns (CVE-2025-32988, CVE-2025-32990) patched. Remote Code Execution risk for Ubuntu 18.04/20.04. Read more: 👉 https://t.co/E4Xk2is7S1 #Security #Ubuntu https://t.co/lpzvdTDVpT

    @Cezar_H_Linux

    12 Sept 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. 🔥CRITICAL #Debian 11 Patch! DLA-4267-1 fixes HIGH-SEV flaws in #GnuTLS (CVE-2025-6395, CVE-2025-32988 - RCE!, CVE-2025-32990). Exploits = DoS / Full System Compromise! Read more: 👉 https://t.co/0sRhKm4Yng https://t.co/kULDsi41QI

    @Cezar_H_Linux

    10 Aug 2025

    39 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. URGENT: All #openSUSE Leap 15.4 users! gnutls update patches 4 CRITICAL flaws: CVE-2025-6395 (9.8 CVSS) CVE-2025-32988 (RCE risk) Patch command: zypper in -t patch SUSE-2025-2589=1 Full advisory ↓ Read more: 👉 https://t.co/jesXyALl9R https://t.co/5M85o3u62B

    @Cezar_H_Linux

    2 Aug 2025

    31 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

Configurations

Related CVEs

  1. Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the relevant key type, to be accepted by signature verification functions. This could lead to reduced security of ECDSA certificate-based authentication if the public CA key used is also known. This affects ECDSA/ECC verification when EdDSA or ML-DSA is also enabled.CVE-2026-5194
  2. A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and resulting in a remote Denial of Service (DoS) condition.CVE-2026-1584
  3. In Canonical LXD versions 4.12 through 6.7, the doCertificateUpdate function in lxd/certificates.go does not validate the Type field when handling PUT/PATCH requests to /1.0/certificates/{fingerprint} for restricted TLS certificate users, allowing a remote authenticated attacker to escalate privileges to cluster admin.CVE-2026-34179
  4. Issue summary: Converting an excessively large OCTET STRING value to a hexadecimal string leads to a heap buffer overflow on 32 bit platforms. Impact summary: A heap buffer overflow may lead to a crash or possibly an attacker controlled code execution or other undefined behavior. If an attacker can supply a crafted X.509 certificate with an excessively large OCTET STRING value in extensions such as the Subject Key Identifier (SKID) or Authority Key Identifier (AKID) which are being converted to hex, the size of the buffer needed for the result is calculated as multiplication of the input length by 3. On 32 bit platforms, this multiplication may overflow resulting in the allocation of a smaller buffer and a heap buffer overflow. Applications and services that print or log contents of untrusted X.509 certificates are vulnerable to this issue. As the certificates would have to have sizes of over 1 Gigabyte, printing or logging such certificates is a fairly unlikely operation and only 32 bit platforms are affected, this issue was assigned Low severity. The FIPS modules in 3.6, 3.5, 3.4, 3.3 and 3.0 are not affected by this issue, as the affected code is outside the OpenSSL FIPS module boundary.CVE-2026-31789
  5. Issue summary: An uncommon configuration of clients performing DANE TLSA-based server authentication, when paired with uncommon server DANE TLSA records, may result in a use-after-free and/or double-free on the client side. Impact summary: A use after free can have a range of potential consequences such as the corruption of valid data, crashes or execution of arbitrary code. However, the issue only affects clients that make use of TLSA records with both the PKIX-TA(0/PKIX-EE(1) certificate usages and the DANE-TA(2) certificate usage. By far the most common deployment of DANE is in SMTP MTAs for which RFC7672 recommends that clients treat as 'unusable' any TLSA records that have the PKIX certificate usages. These SMTP (or other similar) clients are not vulnerable to this issue. Conversely, any clients that support only the PKIX usages, and ignore the DANE-TA(2) usage are also not vulnerable. The client would also need to be communicating with a server that publishes a TLSA RRset with both types of TLSA records. No FIPS modules are affected by this issue, the problem code is outside the FIPS module boundary.CVE-2026-28387

References

Sources include official advisories and independent security research.