CVE-2026-42009

EUVD-2026-30769
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 67%
Affected Products (NVD)
VendorProductVersion
gnugnutls
-
redhathardened_images
-
redhatopenshift_container_platform
4.0
redhatenterprise_linux
6.0
redhatenterprise_linux
7.0
redhatenterprise_linux
8.0
redhatenterprise_linux
8.0
redhatenterprise_linux_for_els
8.10
redhatenterprise_linux_for_els
8.10
redhatenterprise_linux_for_ibm_z_systems
8.0_s390x:_s390x
redhatenterprise_linux_for_ibm_z_systems_els
8.10
redhatenterprise_linux_for_power_little_endian
8.0_ppc64le:_ppc64le
redhatenterprise_linux_for_power_little_endian_els
8.10
redhatenterprise_linux
9.0
redhatenterprise_linux
9.0
redhatenterprise_linux
9.8
redhatenterprise_linux_for_els
9.8
redhatenterprise_linux_for_els
9.8
redhatenterprise_linux_for_eus
9.8
redhatenterprise_linux_for_eus
9.8
redhatenterprise_linux_for_ibm_z_systems
9.0_s390x:_s390x
redhatenterprise_linux_for_ibm_z_systems_els
9.8
redhatenterprise_linux_for_ibm_z_systems_eus
9.8
redhatenterprise_linux_for_power_little_endian
9.0_ppc64le:_ppc64le
redhatenterprise_linux_for_power_little_endian_els
9.8
redhatenterprise_linux_for_power_little_endian_eus
9.8
redhatenterprise_linux_for_update_services_for_sap_solutions
9.8
redhatenterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions
9.8
redhatenterprise_linux
10.0
redhatenterprise_linux
10.0
redhatenterprise_linux
10.2
redhatenterprise_linux
10.2
redhatenterprise_linux_for_els
10.2
redhatenterprise_linux_for_els
10.2
redhatenterprise_linux_for_eus
10.2
redhatenterprise_linux_for_eus
10.2
redhatenterprise_linux_for_ibm_z_systems
9.0_s390x:_s390x
redhatenterprise_linux_for_ibm_z_systems
10.2
redhatenterprise_linux_for_ibm_z_systems_els
10.2
redhatenterprise_linux_for_ibm_z_systems_eus
10.2
redhatenterprise_linux_for_power_little_endian
10.0
redhatenterprise_linux_for_power_little_endian
10.2
redhatenterprise_linux_for_power_little_endian_els
10.2
redhatenterprise_linux_for_power_little_endian_eus
10.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
gnutls28
bookworm
vulnerable
bookworm (security)
3.7.9-2+deb12u7
fixed
bullseye
vulnerable
bullseye (security)
3.7.1-5+deb11u10
fixed
forky
3.8.13-1
fixed
sid
3.8.13-1
fixed
trixie
vulnerable
trixie (security)
3.8.9-3+deb13u4
fixed
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
gnutls
suse enterprise desktop 15 SP7
3.8.3-150600.4.20.1
fixed
suse enterprise sap 15 SP7
3.8.3-150600.4.20.1
fixed
suse enterprise server 12 SP3
3.3.27-3.18.1
fixed
suse enterprise server 12 SP5
3.3.27-3.18.1
fixed
suse enterprise server 15 SP4
3.7.3-150400.4.59.1
fixed
suse enterprise server 15 SP5
3.7.3-150400.4.59.1
fixed
suse enterprise server 15 SP6
3.8.3-150600.4.20.1
fixed
suse enterprise server 15 SP7
3.8.3-150600.4.20.1
fixed
gnutls-guile
suse enterprise server 15 SP5
3.7.3-150400.4.59.1
fixed
libgnutls-devel
suse enterprise desktop 15 SP7
3.8.3-150600.4.20.1
fixed
suse enterprise sap 15 SP7
3.8.3-150600.4.20.1
fixed
suse enterprise server 12 SP5
3.3.27-3.18.1
fixed
suse enterprise server 15 SP4
3.7.3-150400.4.59.1
fixed
suse enterprise server 15 SP5
3.7.3-150400.4.59.1
fixed
suse enterprise server 15 SP6
3.8.3-150600.4.20.1
fixed
suse enterprise server 15 SP7
3.8.3-150600.4.20.1
fixed
libgnutls-openssl-devel
suse enterprise server 12 SP5
3.3.27-3.18.1
fixed
libgnutls-openssl27
suse enterprise server 12 SP3
3.3.27-3.18.1
fixed
suse enterprise server 12 SP5
3.3.27-3.18.1
fixed
libgnutls28
suse enterprise server 12 SP3
3.3.27-3.18.1
fixed
suse enterprise server 12 SP5
3.3.27-3.18.1
fixed
libgnutls28-32bit
suse enterprise server 12 SP3
3.3.27-3.18.1
fixed
suse enterprise server 12 SP5
3.3.27-3.18.1
fixed
libgnutls30
suse enterprise desktop 15 SP7
3.8.3-150600.4.20.1
fixed
suse enterprise sap 15 SP7
3.8.3-150600.4.20.1
fixed
suse enterprise server 12 SP5
3.4.17-8.23.1
fixed
suse enterprise server 15 SP4
3.7.3-150400.4.59.1
fixed
suse enterprise server 15 SP5
3.7.3-150400.4.59.1
fixed
suse enterprise server 15 SP6
3.8.3-150600.4.20.1
fixed
suse enterprise server 15 SP7
3.8.3-150600.4.20.1
fixed
libgnutls30-32bit
suse enterprise desktop 15 SP7
3.8.3-150600.4.20.1
fixed
suse enterprise sap 15 SP7
3.8.3-150600.4.20.1
fixed
suse enterprise server 12 SP5
3.4.17-8.23.1
fixed
suse enterprise server 15 SP4
3.7.3-150400.4.59.1
fixed
suse enterprise server 15 SP5
3.7.3-150400.4.59.1
fixed
suse enterprise server 15 SP6
3.8.3-150600.4.20.1
fixed
suse enterprise server 15 SP7
3.8.3-150600.4.20.1
fixed
libgnutls30-hmac
suse enterprise server 15 SP4
3.7.3-150400.4.59.1
fixed
suse enterprise server 15 SP5
3.7.3-150400.4.59.1
fixed
libgnutls30-hmac-32bit
suse enterprise server 15 SP4
3.7.3-150400.4.59.1
fixed
suse enterprise server 15 SP5
3.7.3-150400.4.59.1
fixed
libgnutlsxx-devel
suse enterprise desktop 15 SP7
3.8.3-150600.4.20.1
fixed
suse enterprise sap 15 SP7
3.8.3-150600.4.20.1
fixed
suse enterprise server 12 SP5
3.3.27-3.18.1
fixed
suse enterprise server 15 SP4
3.7.3-150400.4.59.1
fixed
suse enterprise server 15 SP5
3.7.3-150400.4.59.1
fixed
suse enterprise server 15 SP6
3.8.3-150600.4.20.1
fixed
suse enterprise server 15 SP7
3.8.3-150600.4.20.1
fixed
libgnutlsxx28
suse enterprise server 15 SP4
3.7.3-150400.4.59.1
fixed
suse enterprise server 15 SP5
3.7.3-150400.4.59.1
fixed
libgnutlsxx30
suse enterprise desktop 15 SP7
3.8.3-150600.4.20.1
fixed
suse enterprise sap 15 SP7
3.8.3-150600.4.20.1
fixed
suse enterprise server 15 SP6
3.8.3-150600.4.20.1
fixed
suse enterprise server 15 SP7
3.8.3-150600.4.20.1
fixed
Red Hat logo
Red Hat Enterprise Linux Releases
Red Hat Product
Release
gnutls
RHEL 8
0:3.6.16-8.el8_10.6
fixed
RHEL 8.4 AUS
0:3.6.14-10.el8_4.1
fixed
RHEL 8.6 AUS
0:3.6.16-5.el8_6.5
fixed
RHEL 8.8 E4S
0:3.6.16-7.el8_8.4
fixed
RHEL 8.8 TUS
0:3.6.16-7.el8_8.4
fixed
RHEL 9
0:3.8.10-4.el9_8
fixed
gnutls-c
RHEL 8
0:3.6.16-8.el8_10.6
fixed
RHEL 8.4 AUS
0:3.6.14-10.el8_4.1
fixed
RHEL 8.6 AUS
0:3.6.16-5.el8_6.5
fixed
RHEL 8.8 E4S
0:3.6.16-7.el8_8.4
fixed
RHEL 8.8 TUS
0:3.6.16-7.el8_8.4
fixed
RHEL 9
0:3.8.10-4.el9_8
fixed
gnutls-dane
RHEL 8
0:3.6.16-8.el8_10.6
fixed
RHEL 8.4 AUS
0:3.6.14-10.el8_4.1
fixed
RHEL 8.6 AUS
0:3.6.16-5.el8_6.5
fixed
RHEL 8.8 E4S
0:3.6.16-7.el8_8.4
fixed
RHEL 8.8 TUS
0:3.6.16-7.el8_8.4
fixed
RHEL 9
0:3.8.10-4.el9_8
fixed
gnutls-devel
RHEL 8
0:3.6.16-8.el8_10.6
fixed
RHEL 8.4 AUS
0:3.6.14-10.el8_4.1
fixed
RHEL 8.6 AUS
0:3.6.16-5.el8_6.5
fixed
RHEL 8.8 E4S
0:3.6.16-7.el8_8.4
fixed
RHEL 8.8 TUS
0:3.6.16-7.el8_8.4
fixed
RHEL 9
0:3.8.10-4.el9_8
fixed
gnutls-utils
RHEL 8
0:3.6.16-8.el8_10.6
fixed
RHEL 8.4 AUS
0:3.6.14-10.el8_4.1
fixed
RHEL 8.6 AUS
0:3.6.16-5.el8_6.5
fixed
RHEL 8.8 E4S
0:3.6.16-7.el8_8.4
fixed
RHEL 8.8 TUS
0:3.6.16-7.el8_8.4
fixed
RHEL 9
0:3.8.10-4.el9_8
fixed
libtasn1
RHEL 8.4 AUS
0:4.13-3.el8_4.1
fixed
RHEL 8.6 AUS
0:4.13-3.el8_6.2
fixed
RHEL 8.8 E4S
0:4.13-4.el8_8.1
fixed
RHEL 8.8 TUS
0:4.13-4.el8_8.1
fixed
libtasn1-devel
RHEL 8.4 AUS
0:4.13-3.el8_4.1
fixed
RHEL 8.6 AUS
0:4.13-3.el8_6.2
fixed
RHEL 8.8 E4S
0:4.13-4.el8_8.1
fixed
RHEL 8.8 TUS
0:4.13-4.el8_8.1
fixed
libtasn1-tools
RHEL 8.4 AUS
0:4.13-3.el8_4.1
fixed
RHEL 8.6 AUS
0:4.13-3.el8_6.2
fixed
RHEL 8.8 E4S
0:4.13-4.el8_8.1
fixed
RHEL 8.8 TUS
0:4.13-4.el8_8.1
fixed
Amazon Linux logo
Amazon Linux Releases
Amazon Package
Release
gnutls
Amazon Linux 2
0:3.3.29-9.amzn2.0.4
fixed
Amazon Linux 2023
0:3.8.3-8.amzn2023.0.3
fixed
gnutls-c++
Amazon Linux 2
0:3.3.29-9.amzn2.0.4
fixed
Amazon Linux 2023
0:3.8.3-8.amzn2023.0.3
fixed
gnutls-c++-debuginfo
Amazon Linux 2023
0:3.8.3-8.amzn2023.0.3
fixed
gnutls-dane
Amazon Linux 2
0:3.3.29-9.amzn2.0.4
fixed
Amazon Linux 2023
0:3.8.3-8.amzn2023.0.3
fixed
gnutls-dane-debuginfo
Amazon Linux 2023
0:3.8.3-8.amzn2023.0.3
fixed
gnutls-debuginfo
Amazon Linux 2
0:3.3.29-9.amzn2.0.4
fixed
Amazon Linux 2023
0:3.8.3-8.amzn2023.0.3
fixed
gnutls-debugsource
Amazon Linux 2023
0:3.8.3-8.amzn2023.0.3
fixed
gnutls-devel
Amazon Linux 2
0:3.3.29-9.amzn2.0.4
fixed
Amazon Linux 2023
0:3.8.3-8.amzn2023.0.3
fixed
gnutls-utils
Amazon Linux 2
0:3.3.29-9.amzn2.0.4
fixed
Amazon Linux 2023
0:3.8.3-8.amzn2023.0.3
fixed
gnutls-utils-debuginfo
Amazon Linux 2023
0:3.8.3-8.amzn2023.0.3
fixed
Azure Linux logo
Azure Linux Releases
Azure Package
Release
gnutls
Azure Linux 3.0
0:3.8.3-11.azl3
fixed
References