CVE-2026-42012

Summary

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier (URI) or Service (SRV) Subject Alternative Names (SANs). This could cause the certificate validation process to incorrectly fall back to checking DNS hostnames against the Common Name (CN), potentially allowing the attacker to spoof legitimate services or intercept sensitive information.

Affected Software

VendorProductVersion RangeStatus
Red HatRed Hat Enterprise Linux 100:3.8.10-4.el10_2 < *unaffected
Red HatRed Hat Enterprise Linux 10.0 Extended Update Support0:3.8.9-9.el10_0.19 < *unaffected
Red HatRed Hat Enterprise Linux 80:3.6.16-8.el8_10.6 < *unaffected
Red HatRed Hat Enterprise Linux 80:3.6.16-8.el8_10.6 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support0:3.6.14-10.el8_4.1 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update Support0:4.13-3.el8_4.1 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On0:3.6.14-10.el8_4.1 < *unaffected
Red HatRed Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-On0:4.13-3.el8_4.1 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support0:3.6.16-5.el8_6.5 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support0:4.13-3.el8_6.2 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On0:3.6.16-5.el8_6.5 < *unaffected
Red HatRed Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-On0:4.13-3.el8_6.2 < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Telecommunications Update Service0:3.6.16-7.el8_8.4 < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Telecommunications Update Service0:4.13-4.el8_8.1 < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Update Services for SAP Solutions0:3.6.16-7.el8_8.4 < *unaffected
Red HatRed Hat Enterprise Linux 8.8 Update Services for SAP Solutions0:4.13-4.el8_8.1 < *unaffected
Red HatRed Hat Enterprise Linux 90:3.8.10-4.el9_8 < *unaffected
Red HatRed Hat Enterprise Linux 90:3.8.10-4.el9_8 < *unaffected
Red HatRed Hat Enterprise Linux 9.4 Update Services for SAP Solutions0:3.8.3-4.el9_4.6 < *unaffected
Red HatRed Hat Enterprise Linux 9.6 Extended Update Support0:3.8.3-6.el9_6.4 < *unaffected
Red HatRed Hat Discovery 21782159791 < *unaffected
Red HatRed Hat Discovery 21782166952 < *unaffected
Red HatRed Hat Update Infrastructure 51781525684 < *unaffected
Red HatRed Hat Update Infrastructure 51781525671 < *unaffected
Red HatRed Hat Update Infrastructure 51781525693 < *unaffected
Red HatRed Hat Update Infrastructure 51781525739 < *unaffected

Weaknesses

  • CWE-295: Improper Certificate Validation

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References