{"id":"USN-7635-1","summary":"gnutls28 vulnerabilities","details":"It was discovered that GnuTLS incorrectly handled exporting Subject\nAlternative Name (SAN) entries containing an otherName. A remote attacker\ncould use this issue to cause GnuTLS to crash, resulting in a denial of\nservice, or possibly execute arbitrary code. (CVE-2025-32988)\n\nIt was discovered that GnuTLS incorrectly handled parsing the Certificate\nTransparency (CT) Signed Certificate Timestamp (SCT) extension. A remote\nattacker could use this issue to cause GnuTLS to crash, resulting in a\ndenial of service, or possibly obtain sensitive information.\n(CVE-2025-32989)\n\nIt was discovered that the GnuTLS certtool utility incorrectly handled\nparsing certain template files. An attacker could use this issue to cause\nGnuTLS to crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2025-32990)\n\nStefan Bühler discovered that GnuTLS incorrectly handled parsing certain\ntemplate files. An attacker could possibly use this issue to cause GnuTLS\nto crash, resulting in a denial of service. (CVE-2025-6395)","modified":"2026-04-27T18:09:31.260144Z","published":"2025-07-14T12:23:41Z","related":["UBUNTU-CVE-2025-32988","UBUNTU-CVE-2025-32989","UBUNTU-CVE-2025-32990","UBUNTU-CVE-2025-6395"],"upstream":["CVE-2025-32988","CVE-2025-32989","CVE-2025-32990","CVE-2025-6395","UBUNTU-CVE-2025-32988","UBUNTU-CVE-2025-32989","UBUNTU-CVE-2025-32990","UBUNTU-CVE-2025-6395"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7635-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-6395"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-32988"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-32989"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-32990"}],"affected":[{"package":{"name":"gnutls28","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/gnutls28@3.7.3-4ubuntu1.7?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.7.3-4ubuntu1.7"}]}],"versions":["3.7.1-5ubuntu1","3.7.2-2ubuntu1","3.7.2-4ubuntu1","3.7.2-5ubuntu1","3.7.3-4ubuntu1","3.7.3-4ubuntu1.1","3.7.3-4ubuntu1.2","3.7.3-4ubuntu1.3","3.7.3-4ubuntu1.4","3.7.3-4ubuntu1.5","3.7.3-4ubuntu1.6"],"ecosystem_specific":{"binaries":[{"binary_version":"3.7.3-4ubuntu1.7","binary_name":"gnutls-bin"},{"binary_version":"3.7.3-4ubuntu1.7","binary_name":"guile-gnutls"},{"binary_version":"3.7.3-4ubuntu1.7","binary_name":"libgnutls-dane0"},{"binary_version":"3.7.3-4ubuntu1.7","binary_name":"libgnutls-openssl27"},{"binary_version":"3.7.3-4ubuntu1.7","binary_name":"libgnutls30"},{"binary_version":"3.7.3-4ubuntu1.7","binary_name":"libgnutlsxx28"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7635-1.json","cves_map":{"cves":[{"severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-6395"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-32988"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-32989"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-32990"}],"ecosystem":"Ubuntu:22.04:LTS"}}},{"package":{"name":"gnutls28","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/gnutls28@3.8.3-1.1ubuntu3.4?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.8.3-1.1ubuntu3.4"}]}],"versions":["3.8.1-4ubuntu1","3.8.1-4ubuntu6","3.8.1-4ubuntu7","3.8.3-1ubuntu1","3.8.3-1.1ubuntu2","3.8.3-1.1ubuntu3","3.8.3-1.1ubuntu3.1","3.8.3-1.1ubuntu3.2","3.8.3-1.1ubuntu3.3"],"ecosystem_specific":{"binaries":[{"binary_version":"3.8.3-1.1ubuntu3.4","binary_name":"gnutls-bin"},{"binary_version":"3.8.3-1.1ubuntu3.4","binary_name":"libgnutls-dane0t64"},{"binary_version":"3.8.3-1.1ubuntu3.4","binary_name":"libgnutls-openssl27t64"},{"binary_version":"3.8.3-1.1ubuntu3.4","binary_name":"libgnutls30t64"}],"availability":"No subscription required"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7635-1.json","cves_map":{"cves":[{"severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-6395"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-32988"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-32989"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-32990"}],"ecosystem":"Ubuntu:24.04:LTS"}}}],"schema_version":"1.7.5"}