Alerts This Week
Warning Icon 1 485
Alerts This Week
Warning Icon 1 485

Ubuntu GnuTLS Critical Denial of Service and Security Issues 2026-8502-1

ubuntu
Calendar Grey July 6, 2026
Dist Ubuntu Esm H88
GnuTLS vulnerabilities in Ubuntu require urgent updates to prevent potential remote attacks and service disruption.
Several security issues were fixed in GnuTLS.

Summary

Several security issues were fixed in GnuTLS.

Software Description:

- gnutls28: GNU TLS library

Details:

It was discovered that GnuTLS had a timing side-channel when processing

malformed ciphertexts in RSA-PSK ClientKeyExchange. A remote attacker

could possibly use this issue to recover sensitive information. This

issue only affected Ubuntu 18.04 LTS. (CVE-2024-0553)

Bing Shi discovered that GnuTLS incorrectly handled decoding certain

DER-encoded certificates. A remote attacker could possibly use this

issue to cause GnuTLS to consume resources, leading to a denial of

service. This issue only affected Ubuntu 18.04 LTS. (CVE-2024-12243)

Luigino Camastra discovered that GnuTLS incorrectly handled certain

PKCS11 token labels. A remote attacker could use this issue to cause

GnuTLS to crash, resulting in a denial of service, or possibly execute

arbitrary code. The default compiler options for affected releases

should reduce the vulnerability to a denial of service. (CVE-2025-9820)

...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS
  gnutls-bin                      3.6.13-2ubuntu1.12+esm2
                                  Available with Ubuntu Pro
  guile-gnutls                    3.6.13-2ubuntu1.12+esm2
                                  Available with Ubuntu Pro
  libgnutls-dane0                 3.6.13-2ubuntu1.12+esm2
                                  Available with Ubuntu Pro
  libgnutls-openssl27             3.6.13-2ubuntu1.12+esm2
                                  Available with Ubuntu Pro
  libgnutls28-dev                 3.6.13-2ubuntu1.12+esm2
                                  Available with Ubuntu Pro
  libgnutls30                     3.6.13-2ubuntu1.12+esm2
                                  Available with Ubuntu Pro
  libgnutlsxx28                   3.6.13-2ubuntu1.12+esm2
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  gnutls-bin                      3.5.18-1ubuntu1.6+esm3
                                  Available with Ubuntu Pro
  libgnutls-dane0                 3.5.18-1ubuntu1.6+esm3
                                  Available with Ubuntu Pro
  libgnutls-openssl27             3.5.18-1ubuntu1.6+esm3
                                  Available with Ubuntu Pro
  libgnutls28-dev                 3.5.18-1ubuntu1.6+esm3
                                  Available with Ubuntu Pro
  libgnutls30                     3.5.18-1ubuntu1.6+esm3
                                  Available with Ubuntu Pro
  libgnutlsxx28                   3.5.18-1ubuntu1.6+esm3
                                  Available with Ubuntu Pro

Ubuntu 16.04 LTS
  gnutls-bin                      3.4.10-4ubuntu1.9+esm3
                                  Available with Ubuntu Pro
  guile-gnutls                    3.4.10-4ubuntu1.9+esm3
                                  Available with Ubuntu Pro
  libgnutls-dev                   3.4.10-4ubuntu1.9+esm3
                                  Available with Ubuntu Pro
  libgnutls-openssl27             3.4.10-4ubuntu1.9+esm3
                                  Available with Ubuntu Pro
  libgnutls28-dev                 3.4.10-4ubuntu1.9+esm3
                                  Available with Ubuntu Pro
  libgnutls30                     3.4.10-4ubuntu1.9+esm3
                                  Available with Ubuntu Pro
  libgnutlsxx28                   3.4.10-4ubuntu1.9+esm3
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8502-1

CVE-2024-0553, CVE-2024-12243, CVE-2025-14831, CVE-2025-9820,

CVE-2026-33845, CVE-2026-33846, CVE-2026-3833, CVE-2026-42009,

CVE-2026-42010, CVE-2026-5260

Severity
critical
Lowest
Low
Medium
High
Critical

Ubuntu Security Notice USN-8502-1

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here