USN-8502-1: GnuTLS vulnerabilities

Publication date

6 July 2026

Overview

Several security issues were fixed in GnuTLS.


Packages

Details

It was discovered that GnuTLS had a timing side-channel when processing
malformed ciphertexts in RSA-PSK ClientKeyExchange. A remote attacker
could possibly use this issue to recover sensitive information. This
issue only affected Ubuntu 18.04 LTS. (CVE-2024-0553)

Bing Shi discovered that GnuTLS incorrectly handled decoding certain
DER-encoded certificates. A remote attacker could possibly use this
issue to cause GnuTLS to consume resources, leading to a denial of
service. This issue only affected Ubuntu 18.04 LTS. (CVE-2024-12243)

Luigino Camastra discovered that GnuTLS incorrectly handled certain
PKCS11 token labels. A remote attacker could use this issue to cause
GnuTLS to crash, resulting in a denial of service, or possibly execute
arbitrary code. The default compiler options for affected releases
should reduce the vulnerability to a denial of...

It was discovered that GnuTLS had a timing side-channel when processing
malformed ciphertexts in RSA-PSK ClientKeyExchange. A remote attacker
could possibly use this issue to recover sensitive information. This
issue only affected Ubuntu 18.04 LTS. (CVE-2024-0553)

Bing Shi discovered that GnuTLS incorrectly handled decoding certain
DER-encoded certificates. A remote attacker could possibly use this
issue to cause GnuTLS to consume resources, leading to a denial of
service. This issue only affected Ubuntu 18.04 LTS. (CVE-2024-12243)

Luigino Camastra discovered that GnuTLS incorrectly handled certain
PKCS11 token labels. A remote attacker could use this issue to cause
GnuTLS to crash, resulting in a denial of service, or possibly execute
arbitrary code. The default compiler options for affected releases
should reduce the vulnerability to a denial of service. (CVE-2025-9820)

Tim Scheckenbach discovered that GnuTLS incorrectly handled malicious
certificates containing a large number of name constraints and subject
alternative names. A remote attacker could possibly use this issue to
cause GnuTLS to consume resources, resulting in a denial of service.
This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS.
(CVE-2025-14831)

Oleh Konko and Joshua Rogers discovered that GnuTLS did not properly
handle case-insensitive name constraints in certain cases. A remote
attacker could possibly use this issue to bypass certificate validation,
leading to a machine-in-the-middle attack. (CVE-2026-3833)

Joshua Rogers discovered that GnuTLS did not properly handle very short
premaster secrets in certain RSA key exchange cases with PKCS#11-backed
server keys. A remote attacker could possibly use this issue to obtain
sensitive information. This issue only affected Ubuntu 18.04 LTS and
Ubuntu 20.04 LTS. (CVE-2026-5260)

Joshua Rogers discovered that GnuTLS did not properly handle malformed
DTLS handshake fragments in certain cases. A remote attacker could
possibly use this issue to obtain sensitive information, or cause a
denial of service. This issue only affected Ubuntu 20.04 LTS.
(CVE-2026-33845)

Haruto Kimura, Oscar Reparaz, and Zou Dikai discovered that GnuTLS did
not properly validate DTLS handshake fragment lengths in certain cases.
A remote attacker could possibly use this issue to cause GnuTLS to
crash, resulting in a denial of service, or execute arbitrary code.
(CVE-2026-33846)

Joshua Rogers discovered that GnuTLS did not properly order DTLS packets
with duplicate sequence numbers in certain cases. A remote attacker
could possibly use this issue to cause GnuTLS to crash, resulting in a
denial of service. (CVE-2026-42009)

Joshua Rogers discovered that GnuTLS did not properly handle usernames
containing NUL characters in certain RSA-PSK configurations. A remote
attacker could possibly use this issue to bypass authentication and gain
unintended access to services. This issue only affected Ubuntu 20.04
LTS. (CVE-2026-42010)


Update instructions

In general, a standard system update will make all the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
20.04 LTS focal gnutls-bin –  3.6.13-2ubuntu1.12+esm2  
guile-gnutls –  3.6.13-2ubuntu1.12+esm2  
libgnutls-dane0 –  3.6.13-2ubuntu1.12+esm2  
libgnutls-openssl27 –  3.6.13-2ubuntu1.12+esm2  
libgnutls28-dev –  3.6.13-2ubuntu1.12+esm2  
libgnutls30 –  3.6.13-2ubuntu1.12+esm2  
libgnutlsxx28 –  3.6.13-2ubuntu1.12+esm2  
18.04 LTS bionic gnutls-bin –  3.5.18-1ubuntu1.6+esm3  
libgnutls-dane0 –  3.5.18-1ubuntu1.6+esm3  
libgnutls-openssl27 –  3.5.18-1ubuntu1.6+esm3  
libgnutls28-dev –  3.5.18-1ubuntu1.6+esm3  
libgnutls30 –  3.5.18-1ubuntu1.6+esm3  
libgnutlsxx28 –  3.5.18-1ubuntu1.6+esm3  
16.04 LTS xenial gnutls-bin –  3.4.10-4ubuntu1.9+esm3  
guile-gnutls –  3.4.10-4ubuntu1.9+esm3  
libgnutls-dev –  3.4.10-4ubuntu1.9+esm3  
libgnutls-openssl27 –  3.4.10-4ubuntu1.9+esm3  
libgnutls28-dev –  3.4.10-4ubuntu1.9+esm3  
libgnutls30 –  3.4.10-4ubuntu1.9+esm3  
libgnutlsxx28 –  3.4.10-4ubuntu1.9+esm3  

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.


Have additional questions?

Talk to a member of the team ›