{"id":"USN-7635-1","summary":"gnutls28 vulnerabilities","details":"It was discovered that GnuTLS incorrectly handled exporting Subject\nAlternative Name (SAN) entries containing an otherName. A remote attacker\ncould use this issue to cause GnuTLS to crash, resulting in a denial of\nservice, or possibly execute arbitrary code. (CVE-2025-32988)\n\nIt was discovered that GnuTLS incorrectly handled parsing the Certificate\nTransparency (CT) Signed Certificate Timestamp (SCT) extension. A remote\nattacker could use this issue to cause GnuTLS to crash, resulting in a\ndenial of service, or possibly obtain sensitive information.\n(CVE-2025-32989)\n\nIt was discovered that the GnuTLS certtool utility incorrectly handled\nparsing certain template files. An attacker could use this issue to cause\nGnuTLS to crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2025-32990)\n\nStefan Bühler discovered that GnuTLS incorrectly handled parsing certain\ntemplate files. An attacker could possibly use this issue to cause GnuTLS\nto crash, resulting in a denial of service. (CVE-2025-6395)","modified":"2026-04-27T18:09:31.260144Z","published":"2025-07-14T12:23:41Z","related":["UBUNTU-CVE-2025-32988","UBUNTU-CVE-2025-32989","UBUNTU-CVE-2025-32990","UBUNTU-CVE-2025-6395"],"upstream":["CVE-2025-32988","CVE-2025-32989","CVE-2025-32990","CVE-2025-6395","UBUNTU-CVE-2025-32988","UBUNTU-CVE-2025-32989","UBUNTU-CVE-2025-32990","UBUNTU-CVE-2025-6395"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7635-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-6395"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-32988"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-32989"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-32990"}],"affected":[{"package":{"name":"gnutls28","ecosystem":"Ubuntu:22.04:LTS","purl":"pkg:deb/ubuntu/gnutls28@3.7.3-4ubuntu1.7?arch=source&distro=jammy"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.7.3-4ubuntu1.7"}]}],"versions":["3.7.1-5ubuntu1","3.7.2-2ubuntu1","3.7.2-4ubuntu1","3.7.2-5ubuntu1","3.7.3-4ubuntu1","3.7.3-4ubuntu1.1","3.7.3-4ubuntu1.2","3.7.3-4ubuntu1.3","3.7.3-4ubuntu1.4","3.7.3-4ubuntu1.5","3.7.3-4ubuntu1.6"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"gnutls-bin","binary_version":"3.7.3-4ubuntu1.7"},{"binary_name":"guile-gnutls","binary_version":"3.7.3-4ubuntu1.7"},{"binary_name":"libgnutls-dane0","binary_version":"3.7.3-4ubuntu1.7"},{"binary_name":"libgnutls-openssl27","binary_version":"3.7.3-4ubuntu1.7"},{"binary_name":"libgnutls30","binary_version":"3.7.3-4ubuntu1.7"},{"binary_name":"libgnutlsxx28","binary_version":"3.7.3-4ubuntu1.7"}]},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2025-6395","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-32988","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-32989","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-32990","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"type":"Ubuntu","score":"medium"}]}],"ecosystem":"Ubuntu:22.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7635-1.json"}},{"package":{"name":"gnutls28","ecosystem":"Ubuntu:24.04:LTS","purl":"pkg:deb/ubuntu/gnutls28@3.8.3-1.1ubuntu3.4?arch=source&distro=noble"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.8.3-1.1ubuntu3.4"}]}],"versions":["3.8.1-4ubuntu1","3.8.1-4ubuntu6","3.8.1-4ubuntu7","3.8.3-1ubuntu1","3.8.3-1.1ubuntu2","3.8.3-1.1ubuntu3","3.8.3-1.1ubuntu3.1","3.8.3-1.1ubuntu3.2","3.8.3-1.1ubuntu3.3"],"ecosystem_specific":{"availability":"No subscription required","binaries":[{"binary_name":"gnutls-bin","binary_version":"3.8.3-1.1ubuntu3.4"},{"binary_name":"libgnutls-dane0t64","binary_version":"3.8.3-1.1ubuntu3.4"},{"binary_name":"libgnutls-openssl27t64","binary_version":"3.8.3-1.1ubuntu3.4"},{"binary_name":"libgnutls30t64","binary_version":"3.8.3-1.1ubuntu3.4"}]},"database_specific":{"cves_map":{"cves":[{"id":"CVE-2025-6395","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-32988","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-32989","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"medium"}]},{"id":"CVE-2025-32990","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L"},{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H"},{"type":"Ubuntu","score":"medium"}]}],"ecosystem":"Ubuntu:24.04:LTS"},"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7635-1.json"}}],"schema_version":"1.7.5"}