Description
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.
Published: 2026-05-18
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw was discovered in the GnuTLS Datagram Transport Layer Security (DTLS) implementation. The comparator that orders packets by sequence number fails to handle duplicate sequence numbers, which can cause unstable ordering or undefined behavior. When an attacker sends crafted DTLS packets with repeated sequence numbers, the affected service may crash or become otherwise unusable, resulting in a denial of service. The weakness is identified as CWE-475, indicating an improper comparison of data values.
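The comparator defect described above, as an added illustration that is not GnuTLS code: a simplified packet record and a hypothetical comparator that never reports two packets as equal, beside a corrected one, plus the pairwise consistency check a unit test can run over a constructed batch containing duplicate sequence numbers. The struct, function names and sample values are assumptions made for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical simplified record: only the field the comparator inspects. */
struct dtls_pkt { uint64_t seq; };  /* 48-bit DTLS sequence number, widened */

/* Illustrative buggy comparator: it never returns 0, so two packets with equal
 * seq compare as "less" in both directions, breaking the qsort() contract. */
static int cmp_seq_buggy(const void *a, const void *b)
{
    return ((const struct dtls_pkt *)a)->seq < ((const struct dtls_pkt *)b)->seq ? -1 : 1;
}

/* Corrected comparator: a total order that returns 0 for duplicates, written
 * without subtraction so large unsigned values cannot overflow or truncate. */
static int cmp_seq_fixed(const void *a, const void *b)
{
    uint64_t x = ((const struct dtls_pkt *)a)->seq, y = ((const struct dtls_pkt *)b)->seq;
    return (x > y) - (x < y);
}

/* Unit-test style check of the properties a sort comparator must satisfy:
 * cmp(x,x) == 0 and sign(cmp(x,y)) == -sign(cmp(y,x)) for every pair.
 * Returns 1 if cmp is consistent over the whole sample, 0 otherwise. */
int comparator_is_consistent(int (*cmp)(const void *, const void *),
                             const struct dtls_pkt *pkts, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        for (size_t j = 0; j < n; j++) {
            int ab = cmp(&pkts[i], &pkts[j]);
            int ba = cmp(&pkts[j], &pkts[i]);
            if ((ab < 0) != (ba > 0) || (ab == 0) != (ba == 0))
                return 0;
        }
    }
    return 1;
}

/* Constructed sample: an out-of-order batch in which seq 7 arrives three times. */
static const struct dtls_pkt sample[] = {{9}, {7}, {7}, {3}, {12}, {7}};
#define SAMPLE_LEN (sizeof sample / sizeof sample[0])

int main(void)
{
    printf("buggy consistent: %d, fixed consistent: %d\n",
           comparator_is_consistent(cmp_seq_buggy, sample, SAMPLE_LEN),
           comparator_is_consistent(cmp_seq_fixed, sample, SAMPLE_LEN));
    return 0;
}
```

Running the check over the batch reports the buggy comparator as inconsistent and the fixed one as consistent; the same check is cheap to keep in a regression suite for any packet-reordering code.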

Affected Systems

The vulnerability affects Red Hat Enterprise Linux 10, 9, 8, 7, and 6, including Red Hat Hardened Images, as well as Red Hat OpenShift Container Platform 4. All of these include the GnuTLS library containing the faulty comparator logic.

Risk and Exploitability

The CVSS score of 7.5 reflects a high severity impact for remote attackers. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, suggesting that it is not currently known to be exploited in the wild. The likely attack vector is remote over a network where the vulnerable system receives DTLS traffic. No authentication or privileged access is required; any host that sends malicious DTLS packets can trigger the denial of service. Because the flaw manifests as a crash or hang, the primary impact is a single‑point disruption of services that rely on DTLS, which can cascade in a clustered or high‑availability environment.

Generated by OpenCVE AI on May 18, 2026 at 14:35 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the GnuTLS package to the latest patched version provided by the vendor and reload the affected services.
  • Restart or reload the impacted services once the package update is applied to ensure the new library is in use.
  • As a temporary measure, block or quarantine DTLS traffic on the affected hosts with firewall rules, or disable DTLS in application configuration until the patch is applied.

Generated by OpenCVE AI on May 18, 2026 at 14:35 UTC.


Advisories
Source       ID           Title
Debian DLA   DLA-4595-1   gnutls28 security update
Debian DSA   DSA-6281-1   gnutls28 security update
Ubuntu USN   USN-8284-1   GnuTLS vulnerabilities
History

Mon, 08 Jun 2026 17:30:00 +0000

Type Values Removed Values Added
First Time appeared Gnu
Gnu gnutls
Redhat enterprise Linux For Els
Redhat enterprise Linux For Eus
Redhat enterprise Linux For Ibm Z Systems
Redhat enterprise Linux For Ibm Z Systems Els
Redhat enterprise Linux For Ibm Z Systems Eus
Redhat enterprise Linux For Power Little Endian
Redhat enterprise Linux For Power Little Endian Els
Redhat enterprise Linux For Power Little Endian Eus
Redhat enterprise Linux For Update Services For Sap Solutions
Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions
CPEs (cpe:2.3 entries for the products above; list omitted)
Vendors & Products Gnu
Gnu gnutls
Redhat enterprise Linux For Els
Redhat enterprise Linux For Eus
Redhat enterprise Linux For Ibm Z Systems
Redhat enterprise Linux For Ibm Z Systems Els
Redhat enterprise Linux For Ibm Z Systems Eus
Redhat enterprise Linux For Power Little Endian
Redhat enterprise Linux For Power Little Endian Els
Redhat enterprise Linux For Power Little Endian Eus
Redhat enterprise Linux For Update Services For Sap Solutions
Redhat enterprise Linux Server For Power Little Endian Update Services For Sap Solutions

Tue, 02 Jun 2026 15:45:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:9 cpe:/a:redhat:enterprise_linux:9::appstream
cpe:/o:redhat:enterprise_linux:9::baseos
References

Mon, 01 Jun 2026 20:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:10 cpe:/o:redhat:enterprise_linux:10.2
References

Wed, 27 May 2026 03:30:00 +0000

Type Values Removed Values Added
CPEs cpe:/o:redhat:enterprise_linux:8 cpe:/a:redhat:enterprise_linux:8::appstream
cpe:/o:redhat:enterprise_linux:8::baseos
References

Sun, 24 May 2026 01:30:00 +0000

Type Values Removed Values Added
References

Tue, 19 May 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Redhat hardened Images
Redhat openshift Container Platform
Vendors & Products Redhat hardened Images
Redhat openshift Container Platform

Tue, 19 May 2026 00:15:00 +0000

Type Values Removed Values Added
References
Metrics threat_severity: None (removed), Important (added)


Mon, 18 May 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Mon, 18 May 2026 13:00:00 +0000

Type Values Removed Values Added
Description A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.
Title Gnutls: gnutls: denial of service via dtls packet reordering vulnerability
First Time appeared Redhat
Redhat enterprise Linux
Redhat hummingbird
Redhat openshift
Weaknesses CWE-475
CPEs cpe:/a:redhat:hummingbird:1
cpe:/a:redhat:openshift:4
cpe:/o:redhat:enterprise_linux:10
cpe:/o:redhat:enterprise_linux:6
cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:8
cpe:/o:redhat:enterprise_linux:9
Vendors & Products Redhat
Redhat enterprise Linux
Redhat hummingbird
Redhat openshift
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H'}


MITRE

Status: PUBLISHED

Assigner: redhat

Published:

Updated: 2026-06-02T14:26:50.161Z

Reserved: 2026-04-23T11:23:46.516Z

Link: CVE-2026-42009

Vulnrichment

Updated: 2026-05-18T19:05:20.322Z

NVD

Status : Analyzed

Published: 2026-05-18T13:16:32.707

Modified: 2026-06-08T17:16:36.727

Link: CVE-2026-42009

Redhat

Severity : Important

Public Date: 2026-04-29T00:00:00Z

Links: CVE-2026-42009 - Bugzilla

OpenCVE Enrichment

Updated: 2026-05-19T08:18:57Z

Weaknesses
  • CWE-475: Undefined Behavior for Input to API