Skip to main content

GnuTLS CVE-2026-3832

| EUVDEUVD-2026-26402 LOW
Incorrect Behavior Order: Early Validation (CWE-179)
2026-04-30 redhat
3.7
CVSS 3.1 · Vendor: redhat

Severity by source

Vendor (redhat) PRIMARY
3.7 LOW
AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Primary rating from Vendor (redhat) · only source for this CVE.

CVSS VectorVendor: redhat

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Attack Vector
Network
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
Low
Integrity
None
Availability
None

Lifecycle Timeline

4
Analysis Generated
Apr 30, 2026 - 18:16 vuln.today
EUVD ID Assigned
Apr 30, 2026 - 18:00 euvd
EUVD-2026-26402
Analysis Generated
Apr 30, 2026 - 18:00 vuln.today
CVE Published
Apr 30, 2026 - 17:41 nvd
LOW 3.7

DescriptionCVE.org

A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted Online Certificate Status Protocol (OCSP) response during a TLS handshake. Due to a logic error in how gnutls processes multi-record OCSP responses, a client with OCSP verification enabled may incorrectly accept a revoked server certificate, potentially leading to a compromise of trust.

AnalysisAI

GnuTLS with OCSP verification enabled incorrectly accepts revoked server certificates when presented with specially crafted multi-record OCSP responses during TLS handshakes, allowing attackers to bypass certificate revocation checks and establish connections to compromised servers. The vulnerability requires high attack complexity and specific OCSP configuration, affecting Red Hat Enterprise Linux 6-10, Red Hat Hardened Images, and OpenShift Container Platform 4. No public exploit code or active exploitation has been identified at the time of analysis.

Technical ContextAI

GnuTLS is a cryptographic library that implements TLS/SSL and DTLS protocols, including support for Online Certificate Status Protocol (OCSP) validation. OCSP is a mechanism for checking X.509 digital certificate revocation status in real-time, as an alternative to Certificate Revocation Lists (CRLs). The vulnerability stems from a logic error (CWE-179: Improper Neutralization of Formula Elements in a CSV File) in how GnuTLS parses and validates multi-record OCSP responses - responses that span multiple TLS records during the handshake. The affected CPE entries indicate the vulnerability impacts GnuTLS bundled with Red Hat Enterprise Linux versions 6 through 10, Red Hat Hardened Images, and OpenShift Container Platform 4, spanning both older legacy systems and modern containerized deployments.

RemediationAI

Apply Red Hat security updates for GnuTLS across affected systems using the vendor-provided errata for RHEL 6, 7, 8, 9, and 10, with specific patch versions available through Red Hat's advisory portal (https://access.redhat.com/security/cve/CVE-2026-3832). For OpenShift Container Platform 4 deployments, update the platform and rebuild container images with patched GnuTLS. As an interim compensating control, disable OCSP verification on affected clients if the security posture permits, though this weakens certificate revocation checking and should only be temporary; alternatively, enforce CRL-based revocation checking instead of OCSP if supported by the application. Network-level MITM prevention (such as pinning or explicit firewall rules limiting certificate issuance paths) can reduce the window of exposure for the specific attack scenario, but cannot fully mitigate the OCSP validation bypass itself. Monitor upstream GnuTLS releases and Red Hat advisories for patched version numbers, as this CVE was assigned in 2026 and patch availability timelines may not yet be final.

CVE-2026-4631 CRITICAL POC
9.8 Apr 07

Remote code execution in Cockpit's web interface allows unauthenticated attackers to execute arbitrary commands on the h

CVE-2026-4480 CRITICAL POC
9.0 May 26

Remote code execution in Samba's printing subsystem allows remote attackers to inject arbitrary shell commands via craft

CVE-2026-14544 CRITICAL
9.8 Jul 03

Remote code execution and privilege escalation in HPLIP (HP Linux Imaging and Printing) affects the hpcups print filter

CVE-2026-28369 CRITICAL
9.1 Mar 27

HTTP request smuggling in Undertow (the embedded web server underpinning JBoss EAP, Red Hat Data Grid, and Apache Camel

CVE-2026-28368 CRITICAL
9.1 Mar 27

HTTP request smuggling in Red Hat Undertow allows remote unauthenticated attackers to bypass front-end security controls

CVE-2026-33845 CRITICAL
9.1 Apr 30

Out-of-bounds read in the GnuTLS DTLS handshake reassembly logic lets remote unauthenticated attackers trigger an intege

CVE-2026-28367 CRITICAL
9.1 Mar 27

HTTP request smuggling in Undertow allows remote unauthenticated attackers to send `\r\r\r` as a header block terminator

CVE-2026-11610 HIGH
8.8 Jul 07

Denial of service in Red Hat / 389 Directory Server (389-ds-base, versions since ~1.3.2/2013) allows an authenticated LD

CVE-2026-14474 HIGH
8.8 Jul 07

Local-to-domain-wide root privilege escalation in SSSD's LDAP sudo provider allows an authenticated LDAP directory user

CVE-2026-52720 HIGH
8.8 Jun 15

Heap buffer overflow in GStreamer's librfb (RFB/VNC client) allows a malicious VNC server to corrupt heap memory on a co

CVE-2026-5674 HIGH
8.8 Jul 16

Sandbox escape in PipeWire's PulseAudio compatibility layer lets a low-privileged process inside a confined environment

CVE-2026-5260 HIGH
8.2 May 26

Information disclosure and denial of service in GnuTLS (libgnutls) let a remote, unauthenticated attacker trigger a heap

Share

CVE-2026-3832 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy