CVE-2025-32989

CVE-2025-32989

Name

CVE-2025-32989

Description

A heap-buffer-overread vulnerability was found in GnuTLS in how it handles the Certificate Transparency (CT) Signed Certificate Timestamp (SCT) extension during X.509 certificate parsing. This flaw allows a malicious user to create a certificate containing a malformed SCT extension (OID 1.3.6.1.4.1.11129.2.4.2) that contains sensitive data. This issue leads to the exposure of confidential information when GnuTLS verifies certificates from certain websites when the certificate (SCT) is not checked correctly.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
vdb-entry	https://access.redhat.com/security/cve/CVE-2025-32989
issue-tracking	https://bugzilla.redhat.com/show_bug.cgi?id=2359621
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:16115
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:16116
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:17348
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:17361
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:19088
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2025/07/11/3
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:17181
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2025:22529

Type

URI

vdb-entry

https://access.redhat.com/security/cve/CVE-2025-32989

issue-tracking

https://bugzilla.redhat.com/show_bug.cgi?id=2359621

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:16115

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:16116

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:17348

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:17361

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:19088

af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2025/07/11/3

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:17181

secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:22529

Match rules

CPE URI	Source package	Min version	Max version
	shopxo	>= 0	< 3.8.10
`cpe:/o:redhat:enterprise_linux:10.0`	shopxo	>= 0:3.8.9-9.el10_0.14	< *
`cpe:/a:redhat:enterprise_linux:9::appstream`	shopxo	>= 0:3.8.3-6.el9_6.2	< *
`cpe:/a:redhat:rhel_e4s:9.2::appstream`	shopxo	>= 0:3.7.6-21.el9_2.4	< *
`cpe:/a:redhat:discovery:2::el9`	shopxo	>= sha256:4784c2680572f9d091fcfb8c593d5424c0fcd8ea9cd51d25ddaf2f72abc7da65	< *
`cpe:/o:redhat:rhel_eus:9.4::baseos`	shopxo	>= 0:3.8.3-4.el9_4.4	< *
`cpe:/a:redhat:insights_proxy:1.5::el9`	shopxo	>= sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea	< *
`cpe:2.3:a:gnu:gnutls:-:::::::*`	gnutls	== None	== -

CPE URI

Source package

Min version

Max version

shopxo

>= 0

< 3.8.10

cpe:/o:redhat:enterprise_linux:10.0

shopxo

>= 0:3.8.9-9.el10_0.14

< *

cpe:/a:redhat:enterprise_linux:9::appstream

shopxo

>= 0:3.8.3-6.el9_6.2

< *

cpe:/a:redhat:rhel_e4s:9.2::appstream

shopxo

>= 0:3.7.6-21.el9_2.4

< *

cpe:/a:redhat:discovery:2::el9

shopxo

>= sha256:4784c2680572f9d091fcfb8c593d5424c0fcd8ea9cd51d25ddaf2f72abc7da65

< *

cpe:/o:redhat:rhel_eus:9.4::baseos

shopxo

>= 0:3.8.3-4.el9_4.4

< *

cpe:/a:redhat:insights_proxy:1.5::el9

shopxo

>= sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea

< *

cpe:2.3:a:gnu:gnutls:-:*:*:*:*:*:*:*

gnutls

== None

== -

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
gnutls	edge-main	3.8.11-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
gnutls	3.23-main	3.8.11-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed

Source package

Branch

Version

Maintainer

Status

gnutls

edge-main

3.8.11-r0

Natanael Copa <ncopa@alpinelinux.org>

fixed

gnutls

3.23-main

3.8.11-r0

Natanael Copa <ncopa@alpinelinux.org>

fixed

References

Match rules

Vulnerable and fixed packages