CVE-2025-32989
MEDIUMGnuTLS - Heap-Buffer-Overread in Certificate Transparency SCT Extension Parsing
Title source: llmDescription
A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.
References (13)
Core 13
Core References
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:16115
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:16116
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:17181
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:17348
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:17361
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:19088
Vendor Advisory vendor-advisory
x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:22529
Vendor Advisory vendor-advisory
x_refsource_redhat
RHSA-2026:7477
https://access.redhat.com/errata/RHSA-2026:7477
Vendor Advisory vdb-entry
x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2025-32989
Issue Tracking issue-tracking
x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2359621
Vendor Advisory
https://cert-portal.siemens.com/productcert/html/ssa-082556.html
Scores
CVSS v3
5.3
EPSS
0.0118
EPSS Percentile
63.5%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-295
Status
published
Products (20)
gnu/gnutls
Red Hat/Red Hat Ceph Storage 7
sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe
Red Hat/Red Hat Discovery 2
sha256:435ba9959b793d46a63a74c343bb8c3ff68350496afec12cc5e894dfc40b7648
Red Hat/Red Hat Enterprise Linux 10
0:3.8.9-9.el10_0.14
Red Hat/Red Hat Enterprise Linux 6
Red Hat/Red Hat Enterprise Linux 7
Red Hat/Red Hat Enterprise Linux 8
Red Hat/Red Hat Enterprise Linux 9
0:3.8.3-6.el9_6.2
Red Hat/Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions
0:3.7.6-21.el9_2.4
Red Hat/Red Hat Enterprise Linux 9.4 Extended Update Support
0:3.8.3-4.el9_4.4
... and 10 more
Published
Jul 10, 2025
Tracked Since
Feb 18, 2026