CVE-2025-14831
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Red Hat | Red Hat Enterprise Linux 10 | 0:3.8.10-3.el10_1 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 10.0 Extended Update Support | 0:3.8.9-9.el10_0.17 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8 | 0:3.6.16-8.el8_10.5 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8 | 0:3.6.16-8.el8_10.5 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | 0:3.6.14-10.el8_4.1 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support | 0:4.13-3.el8_4.1 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | 0:3.6.14-10.el8_4.1 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On | 0:4.13-3.el8_4.1 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | 0:3.6.16-5.el8_6.5 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support | 0:4.13-3.el8_6.2 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On | 0:3.6.16-5.el8_6.5 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On | 0:4.13-3.el8_6.2 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service | 0:3.6.16-7.el8_8.4 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Telecommunications Update Service | 0:4.13-4.el8_8.1 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | 0:3.6.16-7.el8_8.4 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions | 0:4.13-4.el8_8.1 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | 0:3.8.3-10.el9_7 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9 | 0:3.8.3-10.el9_7 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | 0:3.7.6-21.el9_2.5 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.4 Extended Update Support | 0:3.8.3-4.el9_4.5 < * | unaffected |
| Red Hat | Red Hat Enterprise Linux 9.6 Extended Update Support | 0:3.8.3-6.el9_6.3 < * | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | 7.13.5-4.1777325677 < * | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | 7.13.5-4.1777325711 < * | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | 7.13.5-4.1777325710 < * | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | 7.13.5-3.1777325680 < * | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | 7.13.5-4.1777325709 < * | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | 7.13.5-4.1777325680 < * | unaffected |
| Red Hat | RHEL-8 based Middleware Containers | 7.13.5-4.1777325708 < * | unaffected |
| Red Hat | Red Hat AI Inference Server 3.2 | 1780681984 < * | unaffected |
| Red Hat | Red Hat AI Inference Server 3.2 | 1775740563 < * | unaffected |
| Red Hat | Red Hat AI Inference Server 3.3 | 1778244559 < * | unaffected |
| Red Hat | Red Hat AI Inference Server 3.3 | 1778244531 < * | unaffected |
| Red Hat | Red Hat AI Inference Server 3.3 | 1778244546 < * | unaffected |
| Red Hat | Red Hat AI Inference Server 3.3 | 1775680192 < * | unaffected |
| Red Hat | Red Hat AI Inference Server 3.3 | 1775680262 < * | unaffected |
| Red Hat | Red Hat AI Inference Server 3.3 | 1775749857 < * | unaffected |
| Red Hat | Red Hat Ceph Storage 8 | 1774002867 < * | unaffected |
| Red Hat | Red Hat Discovery 2 | 1775668717 < * | unaffected |
| Red Hat | Red Hat Discovery 2 | 1775675922 < * | unaffected |
| Red Hat | Red Hat Hardened Images | 3.8.12-1.1.hum1 < * | unaffected |
| Red Hat | Red Hat Insights proxy 1.5 | 1773685509 < * | unaffected |
| Red Hat | Red Hat Update Infrastructure 5 | 1773670073 < * | unaffected |
| Red Hat | Red Hat Update Infrastructure 5 | 1773672059 < * | unaffected |
| Red Hat | Red Hat Update Infrastructure 5 | 1773668803 < * | unaffected |
| Red Hat | Red Hat Update Infrastructure 5 | 1773670137 < * | unaffected |
Weaknesses
- CWE-407: Inefficient Algorithmic Complexity
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: partial
Additional References
References
- https://access.redhat.com/errata/RHSA-2026:13812
- https://access.redhat.com/errata/RHSA-2026:16008
- https://access.redhat.com/errata/RHSA-2026:16009
- https://access.redhat.com/errata/RHSA-2026:16174
- https://access.redhat.com/errata/RHSA-2026:25096
- https://access.redhat.com/errata/RHSA-2026:30849
- https://access.redhat.com/errata/RHSA-2026:30850
- https://access.redhat.com/errata/RHSA-2026:33125
- https://access.redhat.com/errata/RHSA-2026:3477
- https://access.redhat.com/errata/RHSA-2026:4188
- https://access.redhat.com/errata/RHSA-2026:4655
- https://access.redhat.com/errata/RHSA-2026:4943
- https://access.redhat.com/errata/RHSA-2026:5585
- https://access.redhat.com/errata/RHSA-2026:5606
- https://access.redhat.com/errata/RHSA-2026:6618
- https://access.redhat.com/errata/RHSA-2026:6630
- https://access.redhat.com/errata/RHSA-2026:6737
- https://access.redhat.com/errata/RHSA-2026:6738
- https://access.redhat.com/errata/RHSA-2026:7329
- https://access.redhat.com/errata/RHSA-2026:7335
- https://access.redhat.com/errata/RHSA-2026:7477
- https://access.redhat.com/errata/RHSA-2026:8746
- https://access.redhat.com/errata/RHSA-2026:8747
- https://access.redhat.com/errata/RHSA-2026:8748
- https://access.redhat.com/security/cve/CVE-2025-14831
- https://bugzilla.redhat.com/show_bug.cgi?id=2423177
- https://gitlab.com/gnutls/gnutls/-/issues/1773
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.