{ "document":{ "aggregate_severity":{ "namespace":"https://nvd.nist.gov/vuln-metrics/cvss", "text":"Medium" }, "category":"csaf_vex", "csaf_version":"2.0", "distribution":{ "tlp":{ "label":"WHITE", "url":"https:/www.first.org/tlp/" } }, "lang":"en", "notes":[ { "text":"gnutls security update", "category":"general", "title":"Synopsis" }, { "text":"An update for gnutls is now available for openEuler-24.03-LTS-SP2", "category":"general", "title":"Summary" }, { "text":"GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface (API) to access the secure communications protocols as well as APIs to parse and write X.509, PKCS #12, and other required structures. The project strives to provide a secure communications back-end, simple to use and integrated with the rest of the base Linux libraries. A back-end designed to work and be secure out of the box, keeping the complexity of TLS and PKI out of application code.\n\nSecurity Fix(es):\n\nA vulnerability, which was classified as critical, was found in GnuTLS (Network Encryption Software) (affected version unknown).CWE is classifying the issue as CWE-415. The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.This is going to have an impact on confidentiality, integrity, and availability.There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.(CVE-2025-32988)\n\nGnuTLS is a free secure communication library for implementing SSL, TLS and DTLS protocols open source.\n GnuTLS has a trust management vulnerability, which originated from improper processing of CT SCT SCT expansion during X.509 certificate resolution, which may lead to information leakage.(CVE-2025-32989)\n\nGnuTLS is a free secure communication library for implementing SSL, TLS and DTLS protocols.\n There is a security vulnerability in GnuTLS that originates from a heap buffer overflow in the certtool tool template parsing logic, which can lead to memory corruption and denial of service.(CVE-2025-32990)\n\nA vulnerability, which was classified as problematic, was found in GnuTLS (Network Encryption Software) (affected version unknown).CWE is classifying the issue as CWE-476. A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.This is going to have an impact on availability.There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2025-21000).(CVE-2025-6395)", "category":"general", "title":"Description" }, { "text":"An update for gnutls is now available for openEuler-24.03-LTS-SP2.\n\nopenEuler Security has rated this update as having a security impact of medium. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.", "category":"general", "title":"Topic" }, { "text":"Medium", "category":"general", "title":"Severity" }, { "text":"gnutls", "category":"general", "title":"Affected Component" } ], "publisher":{ "issuing_authority":"openEuler security committee", "name":"openEuler", "namespace":"https://www.openeuler.org", "contact_details":"openeuler-security@openeuler.org", "category":"vendor" }, "references":[ { "summary":"openEuler-SA-2025-2011", "category":"self", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2011" }, { "summary":"CVE-2025-32988", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-32988&packageName=gnutls" }, { "summary":"CVE-2025-32989", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-32989&packageName=gnutls" }, { "summary":"CVE-2025-32990", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-32990&packageName=gnutls" }, { "summary":"CVE-2025-6395", "category":"self", "url":"https://www.openeuler.org/en/security/cve/detail/?cveId=CVE-2025-6395&packageName=gnutls" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32988" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32989" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-32990" }, { "summary":"nvd cve", "category":"external", "url":"https://nvd.nist.gov/vuln/detail/CVE-2025-6395" }, { "summary":"openEuler-SA-2025-2011 vex file", "category":"self", "url":"https://repo.openeuler.org/security/data/csaf/advisories/2025/csaf-openeuler-sa-2025-2011.json" } ], "title":"An update for gnutls is now available for openEuler-24.03-LTS-SP2", "tracking":{ "initial_release_date":"2025-08-15T20:46:13+08:00", "revision_history":[ { "date":"2025-08-15T20:46:13+08:00", "summary":"Initial", "number":"1.0.0" } ], "generator":{ "date":"2025-08-15T20:46:13+08:00", "engine":{ "name":"openEuler CSAF Tool V1.0" } }, "current_release_date":"2025-08-15T20:46:13+08:00", "id":"openEuler-SA-2025-2011", "version":"1.0.0", "status":"final" } }, "product_tree":{ "branches":[ { "name":"openEuler", "category":"vendor", "branches":[ { "name":"openEuler", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"openEuler-24.03-LTS-SP2", "name":"openEuler-24.03-LTS-SP2" }, "name":"openEuler-24.03-LTS-SP2", "category":"product_version" } ], "category":"product_name" }, { "name":"aarch64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"gnutls-3.8.2-7.oe2403sp2.aarch64.rpm", "name":"gnutls-3.8.2-7.oe2403sp2.aarch64.rpm" }, "name":"gnutls-3.8.2-7.oe2403sp2.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"gnutls-dane-3.8.2-7.oe2403sp2.aarch64.rpm", "name":"gnutls-dane-3.8.2-7.oe2403sp2.aarch64.rpm" }, "name":"gnutls-dane-3.8.2-7.oe2403sp2.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64.rpm", "name":"gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64.rpm" }, "name":"gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64.rpm", "name":"gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64.rpm" }, "name":"gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"gnutls-devel-3.8.2-7.oe2403sp2.aarch64.rpm", "name":"gnutls-devel-3.8.2-7.oe2403sp2.aarch64.rpm" }, "name":"gnutls-devel-3.8.2-7.oe2403sp2.aarch64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"gnutls-utils-3.8.2-7.oe2403sp2.aarch64.rpm", "name":"gnutls-utils-3.8.2-7.oe2403sp2.aarch64.rpm" }, "name":"gnutls-utils-3.8.2-7.oe2403sp2.aarch64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"src", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"gnutls-3.8.2-7.oe2403sp2.src.rpm", "name":"gnutls-3.8.2-7.oe2403sp2.src.rpm" }, "name":"gnutls-3.8.2-7.oe2403sp2.src.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"x86_64", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"gnutls-3.8.2-7.oe2403sp2.x86_64.rpm", "name":"gnutls-3.8.2-7.oe2403sp2.x86_64.rpm" }, "name":"gnutls-3.8.2-7.oe2403sp2.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"gnutls-dane-3.8.2-7.oe2403sp2.x86_64.rpm", "name":"gnutls-dane-3.8.2-7.oe2403sp2.x86_64.rpm" }, "name":"gnutls-dane-3.8.2-7.oe2403sp2.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64.rpm", "name":"gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64.rpm" }, "name":"gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64.rpm", "name":"gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64.rpm" }, "name":"gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"gnutls-devel-3.8.2-7.oe2403sp2.x86_64.rpm", "name":"gnutls-devel-3.8.2-7.oe2403sp2.x86_64.rpm" }, "name":"gnutls-devel-3.8.2-7.oe2403sp2.x86_64.rpm", "category":"product_version" }, { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"gnutls-utils-3.8.2-7.oe2403sp2.x86_64.rpm", "name":"gnutls-utils-3.8.2-7.oe2403sp2.x86_64.rpm" }, "name":"gnutls-utils-3.8.2-7.oe2403sp2.x86_64.rpm", "category":"product_version" } ], "category":"architecture" }, { "name":"noarch", "branches":[ { "product":{ "product_identification_helper":{ "cpe":"cpe:/a:openEuler:openEuler:24.03-LTS-SP2" }, "product_id":"gnutls-help-3.8.2-7.oe2403sp2.noarch.rpm", "name":"gnutls-help-3.8.2-7.oe2403sp2.noarch.rpm" }, "name":"gnutls-help-3.8.2-7.oe2403sp2.noarch.rpm", "category":"product_version" } ], "category":"architecture" } ] } ], "relationships":[ { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"gnutls-3.8.2-7.oe2403sp2.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.aarch64", "name":"gnutls-3.8.2-7.oe2403sp2.aarch64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"gnutls-dane-3.8.2-7.oe2403sp2.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.aarch64", "name":"gnutls-dane-3.8.2-7.oe2403sp2.aarch64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64", "name":"gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64", "name":"gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"gnutls-devel-3.8.2-7.oe2403sp2.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.aarch64", "name":"gnutls-devel-3.8.2-7.oe2403sp2.aarch64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"gnutls-utils-3.8.2-7.oe2403sp2.aarch64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.aarch64", "name":"gnutls-utils-3.8.2-7.oe2403sp2.aarch64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"gnutls-3.8.2-7.oe2403sp2.src.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.src", "name":"gnutls-3.8.2-7.oe2403sp2.src as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"gnutls-3.8.2-7.oe2403sp2.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.x86_64", "name":"gnutls-3.8.2-7.oe2403sp2.x86_64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"gnutls-dane-3.8.2-7.oe2403sp2.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.x86_64", "name":"gnutls-dane-3.8.2-7.oe2403sp2.x86_64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64", "name":"gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64", "name":"gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"gnutls-devel-3.8.2-7.oe2403sp2.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.x86_64", "name":"gnutls-devel-3.8.2-7.oe2403sp2.x86_64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"gnutls-utils-3.8.2-7.oe2403sp2.x86_64.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.x86_64", "name":"gnutls-utils-3.8.2-7.oe2403sp2.x86_64 as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" }, { "relates_to_product_reference":"openEuler-24.03-LTS-SP2", "product_reference":"gnutls-help-3.8.2-7.oe2403sp2.noarch.rpm", "full_product_name":{ "product_id":"openEuler-24.03-LTS-SP2:gnutls-help-3.8.2-7.oe2403sp2.noarch", "name":"gnutls-help-3.8.2-7.oe2403sp2.noarch as a component of openEuler-24.03-LTS-SP2" }, "category":"default_component_of" } ] }, "vulnerabilities":[ { "cve":"CVE-2025-32988", "notes":[ { "text":"A vulnerability, which was classified as critical, was found in GnuTLS (Network Encryption Software) (affected version unknown).CWE is classifying the issue as CWE-415. The product calls free() twice on the same memory address, potentially leading to modification of unexpected memory locations.This is going to have an impact on confidentiality, integrity, and availability.There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.src", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-help-3.8.2-7.oe2403sp2.noarch" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.src", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-help-3.8.2-7.oe2403sp2.noarch" ], "details":"gnutls security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2011" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.5, "vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.src", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-help-3.8.2-7.oe2403sp2.noarch" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-32988" }, { "cve":"CVE-2025-32989", "notes":[ { "text":"GnuTLS is a free secure communication library for implementing SSL, TLS and DTLS protocols open source.\n GnuTLS has a trust management vulnerability, which originated from improper processing of CT SCT SCT expansion during X.509 certificate resolution, which may lead to information leakage.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.src", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-help-3.8.2-7.oe2403sp2.noarch" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.src", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-help-3.8.2-7.oe2403sp2.noarch" ], "details":"gnutls security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2011" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":5.3, "vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.src", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-help-3.8.2-7.oe2403sp2.noarch" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-32989" }, { "cve":"CVE-2025-32990", "notes":[ { "text":"GnuTLS is a free secure communication library for implementing SSL, TLS and DTLS protocols.\n There is a security vulnerability in GnuTLS that originates from a heap buffer overflow in the certtool tool template parsing logic, which can lead to memory corruption and denial of service.", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.src", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-help-3.8.2-7.oe2403sp2.noarch" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.src", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-help-3.8.2-7.oe2403sp2.noarch" ], "details":"gnutls security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2011" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.5, "vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.src", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-help-3.8.2-7.oe2403sp2.noarch" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-32990" }, { "cve":"CVE-2025-6395", "notes":[ { "text":"A vulnerability, which was classified as problematic, was found in GnuTLS (Network Encryption Software) (affected version unknown).CWE is classifying the issue as CWE-476. A NULL pointer dereference occurs when the application dereferences a pointer that it expects to be valid, but is NULL, typically causing a crash or exit.This is going to have an impact on availability.There is no information about possible countermeasures known. It may be suggested to replace the affected object with an alternative product.The vulnerability is also documented in the vulnerability database at EUVD (EUVD-2025-21000).", "category":"description", "title":"Vulnerability Description" } ], "product_status":{ "fixed":[ "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.src", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-help-3.8.2-7.oe2403sp2.noarch" ] }, "remediations":[ { "product_ids":[ "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.src", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-help-3.8.2-7.oe2403sp2.noarch" ], "details":"gnutls security update", "category":"vendor_fix", "url":"https://www.openeuler.org/zh/security/security-bulletins/detail/?id=openEuler-SA-2025-2011" } ], "scores":[ { "cvss_v3":{ "baseSeverity":"MEDIUM", "baseScore":6.5, "vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "version":"3.1" }, "products":[ "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.aarch64", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.src", "openEuler-24.03-LTS-SP2:gnutls-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-dane-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debuginfo-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-debugsource-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-devel-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-utils-3.8.2-7.oe2403sp2.x86_64", "openEuler-24.03-LTS-SP2:gnutls-help-3.8.2-7.oe2403sp2.noarch" ] } ], "threats":[ { "details":"Medium", "category":"impact" } ], "title":"CVE-2025-6395" } ] }