CVE-2025-32990

CVE-2025-32990

Name

CVE-2025-32990

Description

A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system.

NVD Severity

unknown

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
vdb-entry	https://access.redhat.com/security/cve/CVE-2025-32990
issue-tracking	https://bugzilla.redhat.com/show_bug.cgi?id=2359620
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:16115
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:16116
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:17348
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:17361
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:17415
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:19088
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2025/07/11/3
vendor-advisory	https://access.redhat.com/errata/RHSA-2025:17181
secalert@redhat.com	https://access.redhat.com/errata/RHSA-2025:22529

Type

URI

vdb-entry

https://access.redhat.com/security/cve/CVE-2025-32990

issue-tracking

https://bugzilla.redhat.com/show_bug.cgi?id=2359620

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:16115

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:16116

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:17348

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:17361

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:17415

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:19088

af854a3a-2127-422b-91ae-364da2661108

https://lists.debian.org/debian-lts-announce/2025/08/msg00005.html

af854a3a-2127-422b-91ae-364da2661108

http://www.openwall.com/lists/oss-security/2025/07/11/3

vendor-advisory

https://access.redhat.com/errata/RHSA-2025:17181

secalert@redhat.com

https://access.redhat.com/errata/RHSA-2025:22529

Match rules

CPE URI	Source package	Min version	Max version
	shopxo	>= 0	< 3.8.10
`cpe:/o:redhat:enterprise_linux:10.0`	shopxo	>= 0:3.8.9-9.el10_0.14	< *
`cpe:/a:redhat:enterprise_linux:8::appstream`	shopxo	>= 0:3.6.16-8.el8_10.4	< *
`cpe:/a:redhat:enterprise_linux:9::appstream`	shopxo	>= 0:3.8.3-6.el9_6.2	< *
`cpe:/a:redhat:rhel_e4s:9.2::appstream`	shopxo	>= 0:3.7.6-21.el9_2.4	< *
`cpe:/a:redhat:rhel_eus:9.4::appstream`	shopxo	>= 0:3.8.3-4.el9_4.4	< *
`cpe:/a:redhat:discovery:2::el9`	shopxo	>= sha256:4784c2680572f9d091fcfb8c593d5424c0fcd8ea9cd51d25ddaf2f72abc7da65	< *
`cpe:/a:redhat:insights_proxy:1.5::el9`	shopxo	>= sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea	< *
`cpe:2.3:a:gnu:gnutls:-:::::::*`	gnutls	== None	== -

CPE URI

Source package

Min version

Max version

shopxo

>= 0

< 3.8.10

cpe:/o:redhat:enterprise_linux:10.0

shopxo

>= 0:3.8.9-9.el10_0.14

< *

cpe:/a:redhat:enterprise_linux:8::appstream

shopxo

>= 0:3.6.16-8.el8_10.4

< *

cpe:/a:redhat:enterprise_linux:9::appstream

shopxo

>= 0:3.8.3-6.el9_6.2

< *

cpe:/a:redhat:rhel_e4s:9.2::appstream

shopxo

>= 0:3.7.6-21.el9_2.4

< *

cpe:/a:redhat:rhel_eus:9.4::appstream

shopxo

>= 0:3.8.3-4.el9_4.4

< *

cpe:/a:redhat:discovery:2::el9

shopxo

>= sha256:4784c2680572f9d091fcfb8c593d5424c0fcd8ea9cd51d25ddaf2f72abc7da65

< *

cpe:/a:redhat:insights_proxy:1.5::el9

shopxo

>= sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea

< *

cpe:2.3:a:gnu:gnutls:-:*:*:*:*:*:*:*

gnutls

== None

== -

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
gnutls	edge-main	3.8.11-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
gnutls	3.23-main	3.8.11-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed

Source package

Branch

Version

Maintainer

Status

gnutls

edge-main

3.8.11-r0

Natanael Copa <ncopa@alpinelinux.org>

fixed

gnutls

3.23-main

3.8.11-r0

Natanael Copa <ncopa@alpinelinux.org>

fixed

References

Match rules

Vulnerable and fixed packages