CVE-2025-14831

Summary

A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).

Affected Software

VendorProductVersion RangeStatus
Red HatRed Hat Enterprise Linux 100:3.8.10-3.el10_1 < *unaffected
Red HatRed Hat Enterprise Linux 10.0 Extended Update Support0:3.8.9-9.el10_0.17 < *unaffected
Red HatRed Hat Enterprise Linux 80:3.6.16-8.el8_10.5 < *unaffected
Red HatRed Hat Enterprise Linux 80:3.6.16-8.el8_10.5 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support0:3.6.14-10.el8_4.1 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support0:4.13-3.el8_4.1 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On0:3.6.14-10.el8_4.1 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On0:4.13-3.el8_4.1 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support0:3.6.16-5.el8_6.5 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support0:4.13-3.el8_6.2 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On0:3.6.16-5.el8_6.5 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On0:4.13-3.el8_6.2 < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Telecommunications Update Service0:3.6.16-7.el8_8.4 < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Telecommunications Update Service0:4.13-4.el8_8.1 < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Update Services for SAP Solutions0:3.6.16-7.el8_8.4 < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Update Services for SAP Solutions0:4.13-4.el8_8.1 < *unaffected
Red HatRed Hat Enterprise Linux 90:3.8.3-10.el9_7 < *unaffected
Red HatRed Hat Enterprise Linux 90:3.8.3-10.el9_7 < *unaffected
Red HatRed Hat Enterprise Linux 9.2 Update Services for SAP Solutions0:3.7.6-21.el9_2.5 < *unaffected
Red HatRed Hat Enterprise Linux 9.4 Extended Update Support0:3.8.3-4.el9_4.5 < *unaffected
Red HatRed Hat Enterprise Linux 9.6 Extended Update Support0:3.8.3-6.el9_6.3 < *unaffected
Red HatRHEL-8 based Middleware Containers7.13.5-4.1777325677 < *unaffected
Red HatRHEL-8 based Middleware Containers7.13.5-4.1777325711 < *unaffected
Red HatRHEL-8 based Middleware Containers7.13.5-4.1777325710 < *unaffected
Red HatRHEL-8 based Middleware Containers7.13.5-3.1777325680 < *unaffected
Red HatRHEL-8 based Middleware Containers7.13.5-4.1777325709 < *unaffected
Red HatRHEL-8 based Middleware Containers7.13.5-4.1777325680 < *unaffected
Red HatRHEL-8 based Middleware Containers7.13.5-4.1777325708 < *unaffected
Red HatRed Hat AI Inference Server 3.21780681984 < *unaffected
Red HatRed Hat AI Inference Server 3.21775740563 < *unaffected
Red HatRed Hat AI Inference Server 3.31778244559 < *unaffected
Red HatRed Hat AI Inference Server 3.31778244531 < *unaffected
Red HatRed Hat AI Inference Server 3.31778244546 < *unaffected
Red HatRed Hat AI Inference Server 3.31775680192 < *unaffected
Red HatRed Hat AI Inference Server 3.31775680262 < *unaffected
Red HatRed Hat AI Inference Server 3.31775749857 < *unaffected
Red HatRed Hat Ceph Storage 81774002867 < *unaffected
Red HatRed Hat Discovery 21775668717 < *unaffected
Red HatRed Hat Discovery 21775675922 < *unaffected
Red HatRed Hat Hardened Images3.8.12-1.1.hum1 < *unaffected
Red HatRed Hat Insights proxy 1.51773685509 < *unaffected
Red HatRed Hat Update Infrastructure 51773670073 < *unaffected
Red HatRed Hat Update Infrastructure 51773672059 < *unaffected
Red HatRed Hat Update Infrastructure 51773668803 < *unaffected
Red HatRed Hat Update Infrastructure 51773670137 < *unaffected

Weaknesses

  • CWE-407: Inefficient Algorithmic Complexity

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

Additional References

References