CVE-2025-32990

MEDIUM

Gnutls - Heap Buffer Overflow

Title source: rule
STIX 2.1

Description

A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system.

References (14)

Core 14
Core References
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:16115
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:16116
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:17181
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:17348
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:17361
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:17415
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:19088
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2025:22529
Vendor Advisory vdb-entry x_refsource_redhat
https://access.redhat.com/security/cve/CVE-2025-32990
Issue Tracking issue-tracking x_refsource_redhat
https://bugzilla.redhat.com/show_bug.cgi?id=2359620
Vendor Advisory vendor-advisory x_refsource_redhat
RHSA-2026:7477
https://access.redhat.com/errata/RHSA-2026:7477

Scores

CVSS v3 6.5
EPSS 0.0008
EPSS Percentile 23.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Details

CWE
CWE-122
Status published
Products (20)
gnu/gnutls
Red Hat/Red Hat Ceph Storage 7 sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe
Red Hat/Red Hat Discovery 2 sha256:435ba9959b793d46a63a74c343bb8c3ff68350496afec12cc5e894dfc40b7648
Red Hat/Red Hat Enterprise Linux 10 0:3.8.9-9.el10_0.14
Red Hat/Red Hat Enterprise Linux 6
Red Hat/Red Hat Enterprise Linux 7
Red Hat/Red Hat Enterprise Linux 8 0:3.6.16-8.el8_10.4
Red Hat/Red Hat Enterprise Linux 9 0:3.8.3-6.el9_6.2
Red Hat/Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions 0:3.7.6-21.el9_2.4
Red Hat/Red Hat Enterprise Linux 9.4 Extended Update Support 0:3.8.3-4.el9_4.4
... and 10 more
Published Jul 10, 2025
Tracked Since Feb 18, 2026