Description
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.
Published: 2026-04-30
Score: 3.7 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

GnuTLS contains a logic error in its processing of multi-record OCSP responses that a remote attacker can trigger by presenting a crafted response during a TLS handshake. If a client has OCSP verification enabled, it may mistakenly accept a revoked server certificate, undermining the integrity of the TLS trust chain and potentially enabling man-in-the-middle attacks. The flaw does not grant arbitrary code execution, but it directly compromises authentication and confidentiality by allowing clients to trust a revoked credential.

Affected Systems

Red Hat Enterprise Linux versions 6, 7, 8, 9 and 10, Red Hat Hardened Images, and Red Hat OpenShift Container Platform 4 are affected because they ship a vulnerable GnuTLS library. Specific version information is not supplied, so any instance that uses the unpatched GnuTLS implementation is at risk.

Risk and Exploitability

The CVSS score of 3.7 indicates moderate severity, and the vulnerability is accessible remotely through the TLS protocol, requiring only that the client performs OCSP verification. EPSS is not available and the issue is not listed in CISA’s KEV catalog, suggesting that widespread exploitation has not yet been observed. Nevertheless, the impact of accepting a revoked certificate is significant, as it can lead to credential compromise and data exfiltration if an attacker establishes a covert channel. The absence of a public workaround and moderate scoring implies that organizations should promptly patch or otherwise mitigate the flaw.

Generated by OpenCVE AI on May 1, 2026 at 05:06 UTC.

Remediation

Vendor Workaround

Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.


OpenCVE Recommended Actions

  • Apply any available Red Hat security update that includes the GnuTLS patch for the affected products.
  • If disabling OCSP verification is acceptable in your environment until a patch is deployed, turn off OCSP validation on the client side so that the affected response handling is never reached; note that this also removes revocation checking entirely, so it is a stopgap, not a fix.
  • Continuously monitor TLS connections for unusual certificate status and employ certificate revocation checking tools to detect revoked certificates early.


Advisories

No advisories yet.

History

Each entry lists the changed field followed by its values (removed -> added).

Fri, 01 May 2026 08:45:00 +0000
  First Time appeared (added): Gnu; Gnu gnutls; Redhat hardened Images; Redhat openshift Container Platform
  Vendors & Products (added): Gnu; Gnu gnutls; Redhat hardened Images; Redhat openshift Container Platform

Fri, 01 May 2026 00:15:00 +0000
  References: (no values shown)
  Metrics (threat_severity): None -> Low

Thu, 30 Apr 2026 19:15:00 +0000
  Metrics (ssvc, added): {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Thu, 30 Apr 2026 18:00:00 +0000
  Description (added): A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.
  Title (added): Gnutls: gnutls: security bypass allows acceptance of revoked server certificates via crafted ocsp response
  First Time appeared (added): Redhat; Redhat enterprise Linux; Redhat hummingbird; Redhat openshift
  Weaknesses (added): CWE-179
  CPEs (added): cpe:/a:redhat:hummingbird:1; cpe:/a:redhat:openshift:4; cpe:/o:redhat:enterprise_linux:10; cpe:/o:redhat:enterprise_linux:6; cpe:/o:redhat:enterprise_linux:7; cpe:/o:redhat:enterprise_linux:8; cpe:/o:redhat:enterprise_linux:9
  Vendors & Products (added): Redhat; Redhat enterprise Linux; Redhat hummingbird; Redhat openshift
  References: (no values shown)
  Metrics (cvssV3_1, added): {'score': 3.7, 'vector': 'CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N'}

MITRE

  Status: PUBLISHED
  Assigner: redhat
  Published:
  Updated: 2026-04-30T18:22:29.356Z
  Reserved: 2026-03-09T13:44:37.841Z
  Link: CVE-2026-3832

Vulnrichment

  Updated: 2026-04-30T18:22:22.233Z

NVD

  Status: Awaiting Analysis
  Published: 2026-04-30T18:16:30.433
  Modified: 2026-04-30T19:16:09.533
  Link: CVE-2026-3832

Redhat

  Severity: Low
  Public Date: 2026-04-30T17:29:25Z
  Links: CVE-2026-3832 - Bugzilla

OpenCVE Enrichment

  Updated: 2026-05-01T08:21:11Z

Weaknesses