ГлавнаяУязвимости → CVE-2026-42009
7.5высокая

CVE-2026-42009

Описание

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.

Затрагиваемое ПО
Gnu GnutlsRedhat Hardened imagesRedhat Openshift container platformRedhat Enterprise linuxRedhat Enterprise linux for elsRedhat Enterprise linux for ibm z systemsRedhat Enterprise linux for ibm z systems elsRedhat Enterprise linux for power little endianRedhat Enterprise linux for power little endian elsRedhat Enterprise linux for eusRedhat Enterprise linux for ibm z systems eusRedhat Enterprise linux for power little endian eusRedhat Enterprise linux for update services for sap solutionsRedhat Enterprise linux server for power little endian update services for sap solutions
CVSS
Балл7.5 — высокая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Источники
https://access.redhat.com/errata/RHSA-2026:13274https://access.redhat.com/errata/RHSA-2026:20611https://access.redhat.com/errata/RHSA-2026:20612https://access.redhat.com/errata/RHSA-2026:20613https://access.redhat.com/errata/RHSA-2026:26319https://access.redhat.com/errata/RHSA-2026:26409https://access.redhat.com/errata/RHSA-2026:29197https://access.redhat.com/errata/RHSA-2026:29794