CVE-2025-32988

CVE-2025-32988

Name

CVE-2025-32988

Description

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
vdb-entry	https://access.redhat.com/security/cve/CVE-2025-32988
issue-tracking	https://bugzilla.redhat.com/show_bug.cgi?id=2359622
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:16115
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:16116
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:17348
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:17361
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:17415
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:19088
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2025/07/11/3
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:17181
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2025:22529

Type

URI

vdb-entry

https://access.redhat.com/security/cve/CVE-2025-32988

issue-tracking

https://bugzilla.redhat.com/show_bug.cgi?id=2359622

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:16115

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:16116

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:17348

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:17361

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:17415

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:19088

af854a3a-2127-422b-91ae-364da2661108

https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html

af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2025/07/11/3

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:17181

secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:22529

Match rules

CPE URI	Source package	Min version	Max version
	shopxo	>= 0	< 3.8.10
`cpe:/o:redhat:enterprise_linux:10.0`	shopxo	>= 0:3.8.9-9.el10_0.14	< *
`cpe:/a:redhat:discovery:2::el9`	shopxo	>= sha256:4784c2680572f9d091fcfb8c593d5424c0fcd8ea9cd51d25ddaf2f72abc7da65	< *
`cpe:/o:redhat:rhel_eus:9.4::baseos`	shopxo	>= 0:3.8.3-4.el9_4.4	< *
`cpe:/o:redhat:enterprise_linux:8::baseos`	shopxo	>= 0:3.6.16-8.el8_10.4	< *
`cpe:/o:redhat:enterprise_linux:9::baseos`	shopxo	>= 0:3.8.3-6.el9_6.2	< *
`cpe:/a:redhat:rhel_e4s:9.2::appstream`	shopxo	>= 0:3.7.6-21.el9_2.4	< *
`cpe:/a:redhat:insights_proxy:1.5::el9`	shopxo	>= sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207	< *
`cpe:2.3:a:gnu:gnutls::::::::`	gnutls	>= None	< 3.8.10

CPE URI

Source package

Min version

Max version

shopxo

>= 0

< 3.8.10

cpe:/o:redhat:enterprise_linux:10.0

shopxo

>= 0:3.8.9-9.el10_0.14

< *

cpe:/a:redhat:discovery:2::el9

shopxo

>= sha256:4784c2680572f9d091fcfb8c593d5424c0fcd8ea9cd51d25ddaf2f72abc7da65

< *

cpe:/o:redhat:rhel_eus:9.4::baseos

shopxo

>= 0:3.8.3-4.el9_4.4

< *

cpe:/o:redhat:enterprise_linux:8::baseos

shopxo

>= 0:3.6.16-8.el8_10.4

< *

cpe:/o:redhat:enterprise_linux:9::baseos

shopxo

>= 0:3.8.3-6.el9_6.2

< *

cpe:/a:redhat:rhel_e4s:9.2::appstream

shopxo

>= 0:3.7.6-21.el9_2.4

< *

cpe:/a:redhat:insights_proxy:1.5::el9

shopxo

>= sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207

< *

cpe:2.3:a:gnu:gnutls:*:*:*:*:*:*:*:*

gnutls

>= None

< 3.8.10

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
gnutls	edge-main	3.8.11-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
gnutls	edge-main	3.8.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnutls	edge-main	3.8.5-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnutls	edge-main	3.8.3-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnutls	edge-main	3.8.0-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnutls	edge-main	3.7.7-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnutls	edge-main	3.7.1-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnutls	edge-main	3.6.15-r0	None	possibly vulnerable
gnutls	edge-main	3.6.14-r0	None	possibly vulnerable
gnutls	edge-main	3.6.13-r0	None	possibly vulnerable
gnutls	edge-main	3.6.7-r0	None	possibly vulnerable
gnutls	edge-main	3.5.13-r0	None	possibly vulnerable
gnutls	3.23-main	3.8.11-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
gnutls	3.22-main	3.8.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnutls	3.22-main	3.8.5-r0	None	possibly vulnerable
gnutls	3.22-main	3.8.3-r0	None	possibly vulnerable
gnutls	3.22-main	3.8.0-r0	None	possibly vulnerable
gnutls	3.22-main	3.7.7-r0	None	possibly vulnerable
gnutls	3.22-main	3.7.1-r0	None	possibly vulnerable
gnutls	3.22-main	3.6.15-r0	None	possibly vulnerable
gnutls	3.22-main	3.6.14-r0	None	possibly vulnerable
gnutls	3.22-main	3.6.13-r0	None	possibly vulnerable
gnutls	3.22-main	3.6.7-r0	None	possibly vulnerable
gnutls	3.22-main	3.5.13-r0	None	possibly vulnerable
gnutls	3.21-main	3.8.8-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnutls	3.21-main	3.8.5-r0	None	possibly vulnerable
gnutls	3.21-main	3.8.3-r0	None	possibly vulnerable
gnutls	3.21-main	3.8.0-r0	None	possibly vulnerable
gnutls	3.21-main	3.7.7-r0	None	possibly vulnerable
gnutls	3.21-main	3.7.1-r0	None	possibly vulnerable
gnutls	3.21-main	3.6.15-r0	None	possibly vulnerable
gnutls	3.21-main	3.6.14-r0	None	possibly vulnerable
gnutls	3.21-main	3.6.13-r0	None	possibly vulnerable
gnutls	3.21-main	3.6.7-r0	None	possibly vulnerable
gnutls	3.21-main	3.5.13-r0	None	possibly vulnerable
gnutls	3.20-main	3.8.5-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnutls	3.20-main	3.8.3-r0	None	possibly vulnerable
gnutls	3.20-main	3.8.0-r0	None	possibly vulnerable
gnutls	3.20-main	3.7.7-r0	None	possibly vulnerable
gnutls	3.20-main	3.7.1-r0	None	possibly vulnerable
gnutls	3.20-main	3.6.15-r0	None	possibly vulnerable
gnutls	3.20-main	3.6.14-r0	None	possibly vulnerable
gnutls	3.20-main	3.6.13-r0	None	possibly vulnerable
gnutls	3.20-main	3.6.7-r0	None	possibly vulnerable
gnutls	3.20-main	3.5.13-r0	None	possibly vulnerable
gnutls	3.19-main	3.8.4-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnutls	3.19-main	3.8.3-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
gnutls	3.19-main	3.8.0-r0	None	possibly vulnerable
gnutls	3.19-main	3.7.7-r0	None	possibly vulnerable
gnutls	3.19-main	3.7.1-r0	None	possibly vulnerable
gnutls	3.19-main	3.6.15-r0	None	possibly vulnerable
gnutls	3.19-main	3.6.14-r0	None	possibly vulnerable
gnutls	3.19-main	3.6.13-r0	None	possibly vulnerable
gnutls	3.19-main	3.6.7-r0	None	possibly vulnerable
gnutls	3.19-main	3.5.13-r0	None	possibly vulnerable

Source package

Branch

Version

Maintainer

Status

References

Match rules

Vulnerable and fixed packages