
SUSE: gnutls Important Patch for CVE-2025-32988, 32989, 32990, 6395

July 17, 2025
Follow these steps to patch gnutls on SUSE systems, ensuring your environment is secure against vulnerabilities and your applications remain compliant.

Summary

This update for gnutls fixes the following issues:

* CVE-2025-6395: Fix NULL pointer dereference when 2nd Client Hello omits PSK (bsc#1246299)

* CVE-2025-32988: Fix double-free due to incorrect ownership handling in the export logic of SAN entries containing an otherName (bsc#1246232)

* CVE-2025-32989: Fix heap buffer overread when handling the CT SCT extension during X.509 certificate parsing (bsc#1246233)

* CVE-2025-32990: Fix 1-byte heap buffer overflow when parsing templates with certtool (bsc#1246267)

Patch Instructions

To install this SUSE update use the SUSE recommended installation methods like YaST online_update or "zypper patch". Alternatively you can run the command listed for your product:

* SUSE Linux Enterprise Micro for Rancher 5.3

    zypper in -t patch SUSE-SLE-Micro-5.3-2025-2340=1

References

* bsc#1246232

* bsc#1246233

* bsc#1246267

* bsc#1246299

Cross-References

* CVE-2025-32988

* CVE-2025-32989

* CVE-2025-32990

* CVE-2025-6395

CVSS scores:

* CVE-2025-32988 (SUSE): 9.2 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

* CVE-2025-32988 (SUSE): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-32988 (NVD): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

* CVE-2025-32989 (SUSE): 8.3 CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:H/SC:N/SI:N/SA:N

* CVE-2025-32989 (SUSE): 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:H

* CVE-2025-32989 (NVD): 5.3 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

* CVE-2025-32990 (SUSE): 4.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N

Severity: important

Announcement ID: SUSE-SU-2025:02340-1
Release Date: 2025-07-17T09:04:04Z
Rating: important
