CVE-2026-42014

MEDIUM

Gnutls: fix use-after-free in gnutls_pkcs11_token_set_pin

Title source: cna

Description

A flaw was found in GnuTLS. The `gnutls_pkcs11_token_set_pin` function, used for changing the Security Officer PIN, can lead to a use-after-free vulnerability. This occurs when an attacker attempts to change the PIN with a NULL old PIN for a token that lacks a protected authentication path.

References (7)

Core 7

Core References

Vendor Advisory vendor-advisory x_refsource_redhat

RHSA-2026:20611

https://access.redhat.com/errata/RHSA-2026:20611

Vendor Advisory vendor-advisory x_refsource_redhat

RHSA-2026:20612

https://access.redhat.com/errata/RHSA-2026:20612

Vendor Advisory vendor-advisory x_refsource_redhat

RHSA-2026:20613

https://access.redhat.com/errata/RHSA-2026:20613

Vdb Entry, X_Refsource_Redhat vdb-entry x_refsource_redhat

https://access.redhat.com/security/cve/CVE-2026-42014

Issue Tracking, X_Refsource_Redhat issue-tracking x_refsource_redhat

RHBZ#2467451

https://bugzilla.redhat.com/show_bug.cgi?id=2467451

https://gitlab.com/gnutls/gnutls/-/issues/1766

https://www.gnutls.org/security-new.html#GNUTLS-SA-2026-04-29-9

Scores

CVSS v3 6.6

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H

Details

CWE

CWE-825

Status published

Products (7)

Red Hat/Red Hat Enterprise Linux 10 0:3.8.10-4.el10_2

Red Hat/Red Hat Enterprise Linux 6

Red Hat/Red Hat Enterprise Linux 7

Red Hat/Red Hat Enterprise Linux 8 0:3.6.16-8.el8_10.6

Red Hat/Red Hat Enterprise Linux 9 0:3.8.10-4.el9_8

Red Hat/Red Hat Hardened Images

Red Hat/Red Hat OpenShift Container Platform 4

Published Jun 16, 2026

Tracked Since Jun 16, 2026