Gnutls: gnutls: denial of service via dtls packet reordering vulnerability
Summary
| CVE | CVE-2026-42009 |
|---|---|
| State | PUBLISHED |
| Assigner | redhat |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2026-05-18 13:16:32 UTC |
| Updated | 2026-07-08 13:16:42 UTC |
| Description | A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service. |
Risk And Classification
Primary CVSS: v3.1 7.5 HIGH from ADP
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS: 0.004860000 probability, percentile 0.657850000 (date 2026-06-08)
Problem Types: CWE-475 | CWE-475 Undefined Behavior for Input to API
| Version | Source | Type | Score | Severity | Vector |
|---|---|---|---|---|---|
| 3.1 | ADP | CVSS | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| 3.1 | [email protected] | Secondary | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| 3.1 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | Secondary | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
| 3.1 | CNA | CVSS | 7.5 | HIGH | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
CVSS v3.1 Breakdown
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Application | Gnu | Gnutls | - | All | All | All |
| Operating System | Redhat | Enterprise Linux | 10.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 10.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 10.2 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 10.2 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 6.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 8.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 8.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 9.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 9.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux | 9.8 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Els | 10.2 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Els | 10.2 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Els | 8.10 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Els | 8.10 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Els | 9.8 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Els | 9.8 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Eus | 10.2 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Eus | 10.2 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Eus | 9.8 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Eus | 9.8 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Ibm Z Systems | 8.0_s390x | All | All | All |
| Operating System | Redhat | Enterprise Linux For Ibm Z Systems | 9.0_s390x | All | All | All |
| Operating System | Redhat | Enterprise Linux For Ibm Z Systems Els | 8.10 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Ibm Z Systems Els | 9.8 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Ibm Z Systems Eus | 9.8 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Power Little Endian | 8.0_ppc64le | All | All | All |
| Operating System | Redhat | Enterprise Linux For Power Little Endian | 9.0_ppc64le | All | All | All |
| Operating System | Redhat | Enterprise Linux For Power Little Endian Els | 8.10 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Power Little Endian Els | 9.8 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Power Little Endian Eus | 9.8 | All | All | All |
| Operating System | Redhat | Enterprise Linux For Update Services For Sap Solutions | 9.8 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions | 9.8 | All | All | All |
| Application | Redhat | Hardened Images | - | All | All | All |
| Application | Redhat | Openshift Container Platform | 4.0 | All | All | All |
Vendor Declared Affected Products
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| access.redhat.com/errata/RHSA-2026:30004 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:36004 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:30849 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| bugzilla.redhat.com/show_bug.cgi | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | bugzilla.redhat.com | Issue Tracking, Third Party Advisory |
| security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-42009.json | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | security.access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:34764 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:20611 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2026:13274 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2026:20613 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2026:36006 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:26319 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| www.gnutls.org/security-new.html | [email protected] | www.gnutls.org | |
| access.redhat.com/errata/RHSA-2026:32962 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:20612 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2026:34372 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:29197 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:29794 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/security/cve/CVE-2026-42009 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | Third Party Advisory |
| access.redhat.com/errata/RHSA-2026:33125 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:36005 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:26409 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:30850 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| access.redhat.com/errata/RHSA-2026:34788 | 0b0ca135-0b70-47e7-9f44-1890c2a1c46c | access.redhat.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
Vendor Comments And Credit
Discovery Credit
CNA: Red Hat would like to thank Joshua Rogers (AISLE Research Team) for reporting this issue. (en)
Additional Advisory Data
| Source | Time | Event |
|---|---|---|
| CNA | 2026-05-06T16:32:32.382Z | Reported to Red Hat. |
| CNA | 2026-04-29T00:00:00.000Z | Made public. |
| ADP | 2026-05-06T16:32:32.382Z | Reported to Red Hat. |
| ADP | 2026-04-29T00:00:00.000Z | Made public. |
Solutions
ADP: RHSA-2026:34372: Red Hat Enterprise Linux Server (v. 7 ELS)
ADP: RHSA-2026:34788: Red Hat OpenShift Container Platform 4.20
ADP: RHSA-2026:34764: Red Hat OpenShift Container Platform 4.21
ADP: RHSA-2026:29794: Red Hat OpenShift Container Platform 4.22
ADP: RHSA-2026:26409: Red Hat Enterprise Linux AppStream EUS (v. 10.0), Red Hat Enterprise Linux BaseOS EUS (v. 10.0)
ADP: RHSA-2026:20613: Red Hat Enterprise Linux AppStream (v. 10), Red Hat Enterprise Linux BaseOS (v. 10)
ADP: RHSA-2026:20611: Red Hat Enterprise Linux AppStream (v. 8), Red Hat Enterprise Linux BaseOS (v. 8)
ADP: RHSA-2026:33125: Red Hat Enterprise Linux AppStream AUS (v.8.4), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.4), Red Hat Enterprise Linux BaseOS AUS (v.8.4), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.4)
ADP: RHSA-2026:30849: Red Hat Enterprise Linux AppStream AUS (v.8.6), Red Hat Enterprise Linux AppStream EUS EXTENSION (v.8.6), Red Hat Enterprise Linux BaseOS AUS (v.8.6), Red Hat Enterprise Linux BaseOS EUS EXTENSION (v.8.6)
ADP: RHSA-2026:30850: Red Hat Enterprise Linux AppStream E4S (v.8.8), Red Hat Enterprise Linux AppStream TUS (v.8.8), Red Hat Enterprise Linux BaseOS E4S (v.8.8), Red Hat Enterprise Linux BaseOS TUS (v.8.8)
ADP: RHSA-2026:32962: Red Hat Enterprise Linux AppStream E4S (v.9.4), Red Hat Enterprise Linux BaseOS E4S (v.9.4)
ADP: RHSA-2026:30004: Red Hat Enterprise Linux AppStream EUS (v.9.6), Red Hat Enterprise Linux BaseOS EUS (v.9.6)
ADP: RHSA-2026:20612: Red Hat Enterprise Linux AppStream (v. 9), Red Hat Enterprise Linux BaseOS (v. 9)
ADP: RHSA-2026:36004: Red Hat AI Inference Server 3.2
ADP: RHSA-2026:36005: Red Hat AI Inference Server 3.2
ADP: RHSA-2026:36006: Red Hat AI Inference Server 3.2
ADP: RHSA-2026:29197: Red Hat Discovery 2
ADP: RHSA-2026:13274: Red Hat Hardened Images
ADP: RHSA-2026:26319: Red Hat Update Infrastructure 5