HIGH🇵🇱 Wersja polska

CVE-2026-42009

CVSS 7.5v3.1pub. 2026-05-18upd. 2026-07-02

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
  • Gnu Gnutls

    APP
    Gnu
    wszystkie wersje
  • Red Hat Enterprise Linux

    OS
    Redhat
    10.010.26.07.08.09.09.8
  • Red Hat Enterprise Linux For Els

    OS
    Redhat
    10.28.109.8
  • Red Hat Enterprise Linux For Eus

    OS
    Redhat
    10.29.8
  • Red Hat Enterprise Linux For IBM Z Systems

    OS
    Redhat
    10.28.0_s390x9.0_s390x
  • Red Hat Enterprise Linux For IBM Z Systems Els

    OS
    Redhat
    10.28.109.8
  • Red Hat Enterprise Linux For IBM Z Systems Eus

    OS
    Redhat
    10.29.8
  • Red Hat Enterprise Linux For Power Little Endian

    OS
    Redhat
    10.010.28.0_ppc64le9.0_ppc64le
  • Red Hat Enterprise Linux For Power Little Endian Els

    OS
    Redhat
    10.28.109.8
  • Red Hat Enterprise Linux For Power Little Endian Eus

    OS
    Redhat
    10.29.8
  • Red Hat Enterprise Linux For Update Services For Sap Solutions

    OS
    Redhat
    9.8
  • Red Hat Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions

    OS
    Redhat
    9.8
  • Red Hat Hardened Images

    APP
    Redhat
    wszystkie wersje
  • Red Hat OpenShift Container Platform

    APP
    Redhat
    4.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2025-32463CRITICAL9.3⚠ KEVPL ✓ten sam produkt

Sudo: eskalacja uprawnień do root poprzez opcję --chroot (CVE-2025-32463)

CVE-2021-40438CRITICAL9.0⚠ KEVten sam produkt

A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remot...

CVE-2019-5544CRITICAL9.8⚠ KEVten sam produkt

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the s...

CVE-2019-7609CRITICAL10.0⚠ KEVten sam produkt

Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. A...

CVE-2019-1003029CRITICAL9.9⚠ KEVten sam produkt

A sandbox bypass vulnerability exists in Jenkins Script Security Plugin 1.53 and earlier in src/main/java/org/...