CVE-2025-9820

A flaw was found in the GnuTLS library, specifically in the gnutls_pkcs11_token_init() function that handles PKCS#11 token initialization. When a token label longer than expected is processed, the function writes past the end of a fixed-size stack buffer. This programming error can cause the application using GnuTLS to crash or, in certain conditions, be exploited for code execution. As a result, systems or applications relying on GnuTLS may be vulnerable to a denial of service or local privilege escalation attacks.

CVSS v3 4.0 MEDIUM

4.0^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/errata/RHSA-2026:3477
https://access.redhat.com/errata/RHSA-2026:4188
https://access.redhat.com/errata/RHSA-2026:4655
https://access.redhat.com/errata/RHSA-2026:4943
https://access.redhat.com/errata/RHSA-2026:5585
https://access.redhat.com/errata/RHSA-2026:5606
https://access.redhat.com/errata/RHSA-2026:7329
https://access.redhat.com/errata/RHSA-2026:7477
https://access.redhat.com/security/cve/CVE-2025-9820
https://bugzilla.redhat.com/show_bug.cgi?id=2392528
https://gitlab.com/gnutls/gnutls/-/commit/1d56f96f6ab5034d677136b9d50b5a75dff0faf5
https://gitlab.com/gnutls/gnutls/-/issues/1732
https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-11-18
http://www.openwall.com/lists/oss-security/2025/11/20/2

Configurations

No configuration.

History

22 Apr 2026, 02:16

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2026:7477 -

09 Apr 2026, 16:16

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2026:7329 -

24 Mar 2026, 11:16

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2026:5585 - () https://access.redhat.com/errata/RHSA-2026:5606 -

18 Mar 2026, 17:16

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2026:4943 -

16 Mar 2026, 20:16

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2026:4655 -

11 Mar 2026, 10:16

Type	Values Removed	Values Added
Summary		(es) Se encontró una falla en la librería GnuTLS, específicamente en la función gnutls_pkcs11_token_init() que maneja la inicialización de tokens PKCS#11. Cuando se procesa una etiqueta de token más larga de lo esperado, la función escribe más allá del final de un búfer de pila de tamaño fijo. Este error de programación puede causar que la aplicación que usa GnuTLS se bloquee o, en ciertas condiciones, ser explotado para la ejecución de código. Como resultado, los sistemas o aplicaciones que dependen de GnuTLS pueden ser vulnerables a ataques de denegación de servicio o escalada de privilegios local.
References		() https://access.redhat.com/errata/RHSA-2026:4188 -

02 Mar 2026, 18:16

Type	Values Removed	Values Added
References		() https://access.redhat.com/errata/RHSA-2026:3477 -

26 Jan 2026, 20:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-01-26 20:16

Updated : 2026-04-22 02:16

NVD link : CVE-2025-9820

Mitre link : CVE-2025-9820

CVE.ORG link : CVE-2025-9820

JSON object : View

Products Affected

No product.

CWE

CWE-121

Stack-based Buffer Overflow

4.0 /10