{
  "threat_severity" : "Moderate",
  "public_date" : "2025-07-09T07:00:00Z",
  "bugzilla" : {
    "description" : "gnutls: Vulnerability in GnuTLS certtool template parsing",
    "id" : "2359620",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2359620"
  },
  "cvss3" : {
    "cvss3_base_score" : "6.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-122",
  "details" : [ "A heap-buffer-overflow (off-by-one) flaw was found in the GnuTLS software in the template parsing logic within the certtool utility. When it reads certain settings from a template file, it allows an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial-of-service (DoS) that could crash the application." ],
  "statement" : "This vulnerability is rated as moderate severity because the heap-buffer-overflow (off-by-one) flaw was found exclusively in the certtool utility's template parsing logic (part of the gnutls-utils package) and does not affect the core gnutls library itself. This issue is triggered when the tool processes specially crafted settings from a template file, leading to an out-of-bounds NULL pointer write. The resulting memory corruption causes a denial-of-service by crashing the application.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "release_date" : "2025-09-17T00:00:00Z",
    "advisory" : "RHSA-2025:16115",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10.0",
    "package" : "gnutls-0:3.8.9-9.el10_0.14"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2025-10-07T00:00:00Z",
    "advisory" : "RHSA-2025:17415",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "gnutls-0:3.6.16-8.el8_10.4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2025-10-07T00:00:00Z",
    "advisory" : "RHSA-2025:17415",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "gnutls-0:3.6.16-8.el8_10.4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2025-09-17T00:00:00Z",
    "advisory" : "RHSA-2025:16116",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "gnutls-0:3.8.3-6.el9_6.2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2025-09-17T00:00:00Z",
    "advisory" : "RHSA-2025:16116",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9",
    "package" : "gnutls-0:3.8.3-6.el9_6.2"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions",
    "release_date" : "2025-10-06T00:00:00Z",
    "advisory" : "RHSA-2025:17361",
    "cpe" : "cpe:/a:redhat:rhel_e4s:9.2",
    "package" : "gnutls-0:3.7.6-21.el9_2.4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support",
    "release_date" : "2025-10-06T00:00:00Z",
    "advisory" : "RHSA-2025:17348",
    "cpe" : "cpe:/a:redhat:rhel_eus:9.4",
    "package" : "gnutls-0:3.8.3-4.el9_4.4"
  }, {
    "product_name" : "Red Hat Ceph Storage 7",
    "release_date" : "2025-12-01T00:00:00Z",
    "advisory" : "RHSA-2025:22529",
    "cpe" : "cpe:/a:redhat:ceph_storage:7::el9",
    "package" : "rhceph/rhceph-7-rhel9:sha256:4d2f9dc5b2b33ee1c77bbfabcbbb9f4d94d343b04c4de2e4f8b3b81a1f0fd2fe"
  }, {
    "product_name" : "Red Hat Discovery 2",
    "release_date" : "2025-10-23T00:00:00Z",
    "advisory" : "RHSA-2025:19088",
    "cpe" : "cpe:/a:redhat:discovery:2::el9",
    "package" : "discovery/discovery-ui-rhel9:sha256:435ba9959b793d46a63a74c343bb8c3ff68350496afec12cc5e894dfc40b7648"
  }, {
    "product_name" : "Red Hat Insights proxy 1.5",
    "release_date" : "2025-10-01T00:00:00Z",
    "advisory" : "RHSA-2025:17181",
    "cpe" : "cpe:/a:redhat:insights_proxy:1.5::el9",
    "package" : "insights-proxy/insights-proxy-container-rhel9:sha256:4ca38b33efec0d2dd17a8fd822a7c18281810676ceabb0c1db90953cb91cd5ea"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Out of support scope",
    "package_name" : "gnutls",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "gnutls",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Fix deferred",
    "package_name" : "rhcos",
    "cpe" : "cpe:/a:redhat:openshift:4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2025-32990", "https://nvd.nist.gov/vuln/detail/CVE-2025-32990" ],
  "name" : "CVE-2025-32990",
  "mitigation" : {
    "value" : "Currently, no mitigation is available for this vulnerability.",
    "lang" : "en:us"
  },
  "csaw" : false
}