{"id":"USN-7742-1","summary":"gnutls28 vulnerabilities","details":"It was discovered that GnuTLS incorrectly handled exporting Subject\nAlternative Name (SAN) entries containing an otherName. A remote attacker\ncould use this issue to cause GnuTLS to crash, resulting in a denial of\nservice, or possibly execute arbitrary code. This issue only affected\nUbuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2025-32988)\n\nIt was discovered that the GnuTLS certtool utility incorrectly handled\nparsing certain template files. An attacker could use this issue to cause\nGnuTLS to crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2025-32990)\n\nStefan Bühler discovered that GnuTLS incorrectly handled parsing certain\ntemplate files. An attacker could possibly use this issue to cause GnuTLS\nto crash, resulting in a denial of service. This issue only affected\nUbuntu 20.04 LTS. (CVE-2025-6395)","modified":"2026-05-20T16:03:48.277919769Z","published":"2025-09-09T13:45:34Z","related":["UBUNTU-CVE-2025-32988","UBUNTU-CVE-2025-32990","UBUNTU-CVE-2025-6395"],"upstream":["CVE-2025-32988","CVE-2025-32990","CVE-2025-6395","UBUNTU-CVE-2025-32988","UBUNTU-CVE-2025-32990","UBUNTU-CVE-2025-6395"],"references":[{"type":"ADVISORY","url":"https://ubuntu.com/security/notices/USN-7742-1"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-6395"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-32988"},{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2025-32990"}],"affected":[{"package":{"name":"gnutls28","ecosystem":"Ubuntu:Pro:16.04:LTS","purl":"pkg:deb/ubuntu/gnutls28?arch=source&distro=esm-apps%2Fxenial"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.4.10-4ubuntu1.9+esm2"}]}],"versions":["3.3.15-5ubuntu2","3.3.18-1ubuntu1","3.3.20-1ubuntu1","3.4.9-2ubuntu1","3.4.10-4ubuntu1","3.4.10-4ubuntu1.1","3.4.10-4ubuntu1.2","3.4.10-4ubuntu1.3","3.4.10-4ubuntu1.4","3.4.10-4ubuntu1.5","3.4.10-4ubuntu1.6","3.4.10-4ubuntu1.7","3.4.10-4ubuntu1.8","3.4.10-4ubuntu1.9","3.4.10-4ubuntu1.9+esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"gnutls-bin","binary_version":"3.4.10-4ubuntu1.9+esm2"},{"binary_name":"guile-gnutls","binary_version":"3.4.10-4ubuntu1.9+esm2"},{"binary_name":"libgnutls-openssl27","binary_version":"3.4.10-4ubuntu1.9+esm2"},{"binary_name":"libgnutls30","binary_version":"3.4.10-4ubuntu1.9+esm2"},{"binary_name":"libgnutlsxx28","binary_version":"3.4.10-4ubuntu1.9+esm2"}],"availability":"Available with Ubuntu Pro: https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7742-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:16.04:LTS","cves":[]}}},{"package":{"name":"gnutls28","ecosystem":"Ubuntu:Pro:18.04:LTS","purl":"pkg:deb/ubuntu/gnutls28?arch=source&distro=esm-infra%2Fbionic"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.5.18-1ubuntu1.6+esm2"}]}],"versions":["3.5.8-6ubuntu3","3.5.17-1ubuntu1","3.5.17-1ubuntu3","3.5.18-1ubuntu1","3.5.18-1ubuntu1.1","3.5.18-1ubuntu1.2","3.5.18-1ubuntu1.3","3.5.18-1ubuntu1.4","3.5.18-1ubuntu1.5","3.5.18-1ubuntu1.6","3.5.18-1ubuntu1.6+esm1"],"ecosystem_specific":{"binaries":[{"binary_name":"gnutls-bin","binary_version":"3.5.18-1ubuntu1.6+esm2"},{"binary_name":"libgnutls-dane0","binary_version":"3.5.18-1ubuntu1.6+esm2"},{"binary_name":"libgnutls-openssl27","binary_version":"3.5.18-1ubuntu1.6+esm2"},{"binary_name":"libgnutls30","binary_version":"3.5.18-1ubuntu1.6+esm2"},{"binary_name":"libgnutlsxx28","binary_version":"3.5.18-1ubuntu1.6+esm2"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7742-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:18.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-32988"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-32990"}]}}},{"package":{"name":"gnutls28","ecosystem":"Ubuntu:Pro:20.04:LTS","purl":"pkg:deb/ubuntu/gnutls28?arch=source&distro=esm-infra%2Ffocal"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.6.13-2ubuntu1.12+esm1"}]}],"versions":["3.6.9-5ubuntu1","3.6.9-5ubuntu2","3.6.10-5","3.6.11.1-2","3.6.11.1-2ubuntu2","3.6.13-2ubuntu1","3.6.13-2ubuntu1.1","3.6.13-2ubuntu1.2","3.6.13-2ubuntu1.3","3.6.13-2ubuntu1.6","3.6.13-2ubuntu1.7","3.6.13-2ubuntu1.8","3.6.13-2ubuntu1.9","3.6.13-2ubuntu1.10","3.6.13-2ubuntu1.11","3.6.13-2ubuntu1.12"],"ecosystem_specific":{"binaries":[{"binary_name":"gnutls-bin","binary_version":"3.6.13-2ubuntu1.12+esm1"},{"binary_name":"guile-gnutls","binary_version":"3.6.13-2ubuntu1.12+esm1"},{"binary_name":"libgnutls-dane0","binary_version":"3.6.13-2ubuntu1.12+esm1"},{"binary_name":"libgnutls-openssl27","binary_version":"3.6.13-2ubuntu1.12+esm1"},{"binary_name":"libgnutls30","binary_version":"3.6.13-2ubuntu1.12+esm1"},{"binary_name":"libgnutlsxx28","binary_version":"3.6.13-2ubuntu1.12+esm1"}],"availability":"Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/usn/USN-7742-1.json","cves_map":{"ecosystem":"Ubuntu:Pro:20.04:LTS","cves":[{"severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-6395"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-32988"},{"severity":[{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L","type":"CVSS_V3"},{"score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H","type":"CVSS_V3"},{"score":"medium","type":"Ubuntu"}],"id":"CVE-2025-32990"}]}}}],"schema_version":"1.7.5"}