CVE-2025-32990

A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could potentially crash the system.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 2.5

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2025-32990	Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2359620	Issue Tracking

Configurations

Configuration 1 (hide)

cpe:2.3:a:gnu:gnutls:-:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:a:redhat:openshift_container_platform:4.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:6.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:7.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:8.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:9.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux:10.0:::::::*

History

15 Aug 2025, 19:32

Type	Values Removed	Values Added
Summary		(es) Se detectó una falla de desbordamiento de búfer de pila (desviación de uno) en el software GnuTLS, en la lógica de análisis de plantillas de la utilidad certtool. Al leer ciertas configuraciones de un archivo de plantilla, permite a un atacante provocar una escritura fuera de los límites (OOB) en un puntero nulo, lo que resulta en corrupción de memoria y una denegación de servicio (DoS) que podría bloquear el sistema.
First Time		Redhat enterprise Linux Gnu Redhat Gnu gnutls Redhat openshift Container Platform
References	~~() https://access.redhat.com/security/cve/CVE-2025-32990 -~~	() https://access.redhat.com/security/cve/CVE-2025-32990 - Vendor Advisory
References	~~() https://bugzilla.redhat.com/show_bug.cgi?id=2359620 -~~	() https://bugzilla.redhat.com/show_bug.cgi?id=2359620 - Issue Tracking
CPE		cpe:2.3:o:redhat:enterprise_linux:7.0:::::::* cpe:2.3:o:redhat:enterprise_linux:6.0:::::::* cpe:2.3:o:redhat:enterprise_linux:8.0:::::::* cpe:2.3:a:gnu:gnutls:-:::::::* cpe:2.3:o:redhat:enterprise_linux:9.0:::::::* cpe:2.3:a:redhat:openshift_container_platform:4.0:::::::* cpe:2.3:o:redhat:enterprise_linux:10.0:::::::*

10 Jul 2025, 10:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-07-10 10:15

Updated : 2025-08-15 19:32

NVD link : CVE-2025-32990

Mitre link : CVE-2025-32990

CVE.ORG link : CVE-2025-32990

JSON object : View

Products Affected

redhat

enterprise_linux
openshift_container_platform

gnu

gnutls

CWE

CWE-122

Heap-based Buffer Overflow

6.5 /10