Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Ubuntu 20.04 LTS: GnuTLS Important Denial of Service Vuln USN-7742-1

ubuntu
Calendar Grey September 10, 2025
Dist Ubuntu Esm H88
Ubuntu Advisory USN-7743-1 addresses vulnerabilities in OpenSSL across various versions that may allow unauthorized remote code execution.
Several security issues were fixed in GnuTLS.

Summary

Several security issues were fixed in GnuTLS.

Software Description:

- gnutls28: GNU TLS library

Details:

It was discovered that GnuTLS incorrectly handled exporting Subject

Alternative Name (SAN) entries containing an otherName. A remote attacker

could use this issue to cause GnuTLS to crash, resulting in a denial of

service, or possibly execute arbitrary code. This issue only affected

Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2025-32988)

It was discovered that the GnuTLS certtool utility incorrectly handled

parsing certain template files. An attacker could use this issue to cause

GnuTLS to crash, resulting in a denial of service, or possibly execute

arbitrary code. (CVE-2025-32990)

Stefan Bühler discovered that GnuTLS incorrectly handled parsing certain

template files. An attacker could possibly use this issue to cause GnuTLS

to crash, resulting in a denial of service. This issue only affected

Ubuntu 20.04 LTS. (CVE-2025-6395)

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
  libgnutls30                     3.6.13-2ubuntu1.12+esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libgnutls30                     3.5.18-1ubuntu1.6+esm2
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  libgnutls30                     3.4.10-4ubuntu1.9+esm2
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-7742-1

CVE-2025-32988, CVE-2025-32990, CVE-2025-6395

Severity
important
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-7742-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here