Security update for gnutls SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2025:20563-1 Final 1 1 2025-08-20T11:55:17Z current 2025-08-20T11:55:17Z 2025-08-20T11:55:17Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for gnutls This update for gnutls fixes the following issues: - CVE-2025-32988: Fixed double-free due to incorrect ownership handling (bsc#1246232) - CVE-2025-32989: Fixed heap buffer overread during X.509 certificate parsing (bsc#1246233) - CVE-2025-32990: Fixed 1-byte heap buffer overflow when parsing templates with certtool (bsc#1246267) - CVE-2025-6395: Fixed NULL pointer dereference when 2nd Client Hello omits PSK (bsc#1246299) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-SLE-Micro-6.0-426 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2025/suse-su-202520563-1/ Link for SUSE-SU-2025:20563-1 https://lists.suse.com/pipermail/sle-security-updates/2025-August/022319.html E-Mail link for SUSE-SU-2025:20563-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1246232 SUSE Bug 1246232 https://bugzilla.suse.com/1246233 SUSE Bug 1246233 https://bugzilla.suse.com/1246267 SUSE Bug 1246267 https://bugzilla.suse.com/1246299 SUSE Bug 1246299 https://www.suse.com/security/cve/CVE-2025-32988/ SUSE CVE CVE-2025-32988 page https://www.suse.com/security/cve/CVE-2025-32989/ SUSE CVE CVE-2025-32989 page https://www.suse.com/security/cve/CVE-2025-32990/ SUSE CVE CVE-2025-32990 page https://www.suse.com/security/cve/CVE-2025-6395/ SUSE CVE CVE-2025-6395 page SUSE Linux Micro 6.0 gnutls-3.8.3-4.1 libgnutls30-3.8.3-4.1 gnutls-3.8.3-4.1 as a component of SUSE Linux Micro 6.0 libgnutls30-3.8.3-4.1 as a component of SUSE Linux Micro 6.0 A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior. CVE-2025-32988 SUSE Linux Micro 6.0:gnutls-3.8.3-4.1 SUSE Linux Micro 6.0:libgnutls30-3.8.3-4.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520563-1/ https://www.suse.com/security/cve/CVE-2025-32988.html CVE-2025-32988 https://bugzilla.suse.com/1246232 SUSE Bug 1246232 A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly. CVE-2025-32989 SUSE Linux Micro 6.0:gnutls-3.8.3-4.1 SUSE Linux Micro 6.0:libgnutls30-3.8.3-4.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520563-1/ https://www.suse.com/security/cve/CVE-2025-32989.html CVE-2025-32989 https://bugzilla.suse.com/1246233 SUSE Bug 1246233 A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system. CVE-2025-32990 SUSE Linux Micro 6.0:gnutls-3.8.3-4.1 SUSE Linux Micro 6.0:libgnutls30-3.8.3-4.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520563-1/ https://www.suse.com/security/cve/CVE-2025-32990.html CVE-2025-32990 https://bugzilla.suse.com/1246267 SUSE Bug 1246267 A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite(). CVE-2025-6395 SUSE Linux Micro 6.0:gnutls-3.8.3-4.1 SUSE Linux Micro 6.0:libgnutls30-3.8.3-4.1 important To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2025/suse-su-202520563-1/ https://www.suse.com/security/cve/CVE-2025-6395.html CVE-2025-6395 https://bugzilla.suse.com/1246299 SUSE Bug 1246299