CVE Vulnerabilities

CVE-2025-32988

Double Free

Published: Jul 10, 2025 | Modified: Dec 01, 2025
CVSS 3.x (Source: NVD): 8.2 HIGH, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:H

RedHat/V3: 6.5 MODERATE, CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

Ubuntu: MEDIUM

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure.

This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.
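
The ownership mistake described above, reduced to a constructed C model (an added example, not GnuTLS source code). All names are hypothetical, and release is counted rather than passed to free() so the duplicate release can be observed safely.

```c
#include <ctype.h>
#include <stdio.h>

/* Constructed model, not GnuTLS code. Release is counted instead of calling
 * free(), so a second release is observable without undefined behaviour. */
struct node { const char *type_id; int releases; };
static void node_release(struct node *n) { n->releases++; }

/* Hypothetical check: dotted decimal such as "1.3.6.1.5.5.7.8.5". */
static int oid_is_valid(const char *s)
{
    if (s == NULL || !isdigit((unsigned char)s[0])) return 0;
    for (size_t i = 1; s[i] != '\0'; i++) {
        /* A '.' must be followed by a digit; anything else must be a digit. */
        int ok = isdigit((unsigned char)s[s[i] == '.' ? i + 1 : i]);
        if (!ok) return 0;
    }
    return 1;
}

/* Flawed pattern: the helper only borrows n, yet releases it on error. */
static int export_othername_flawed(struct node *n)
{
    if (oid_is_valid(n->type_id))
        return 0;
    node_release(n);              /* not the helper's to release */
    return -1;
}

/* Corrected pattern: report the error, leave cleanup to the owner. */
static int export_othername_fixed(struct node *n)
{
    return oid_is_valid(n->type_id) ? 0 : -1;
}

/* Owner releases exactly once; returns releases seen (1 ok, 2 double). */
static int owner_export(const char *type_id, int (*export_fn)(struct node *))
{
    struct node n = { type_id, 0 };
    (void)export_fn(&n);
    node_release(&n);             /* owner's cleanup */
    return n.releases;
}

int main(void)
{
    const char *bad = "1.3..6";   /* constructed malformed type-id */
    printf("flawed=%d fixed=%d\n", owner_export(bad, export_othername_flawed),
           owner_export(bad, export_othername_fixed));
    return 0;
}
```

A release count of 2 on the error path is the condition that AddressSanitizer or Valgrind would report as a double free in a build that really calls free().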

Weakness

The product calls free() twice on the same memory address.

Affected Software

| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Gnutls | Gnu | * | 3.8.10 (excluding) |
| Red Hat Enterprise Linux 10 | RedHat | gnutls-0:3.8.9-9.el10_0.14 | * |
| Red Hat Enterprise Linux 8 | RedHat | gnutls-0:3.6.16-8.el8_10.4 | * |
| Red Hat Enterprise Linux 9 | RedHat | gnutls-0:3.8.3-6.el9_6.2 | * |
| Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions | RedHat | gnutls-0:3.7.6-21.el9_2.4 | * |
| Red Hat Enterprise Linux 9.4 Extended Update Support | RedHat | gnutls-0:3.8.3-4.el9_4.4 | * |
| Red Hat Ceph Storage 7 | RedHat | rhceph/rhceph-7-rhel9:sha256:ce213d48fbefae6b9d5f5a64b79c6ed016afcb646bf7b5742707ed31f9a464a2 | * |
| Red Hat Discovery 2 | RedHat | discovery/discovery-ui-rhel9:sha256:435ba9959b793d46a63a74c343bb8c3ff68350496afec12cc5e894dfc40b7648 | * |
| Red Hat Insights proxy 1.5 | RedHat | insights-proxy/insights-proxy-container-rhel9:sha256:8eb6b896e1eac4080a564e146f95c4166e47ca137083b37119027c6a77011207 | * |
| Gnutls28 | Ubuntu | devel | * |
| Gnutls28 | Ubuntu | esm-infra/bionic | * |
| Gnutls28 | Ubuntu | esm-infra/focal | * |
| Gnutls28 | Ubuntu | fips-updates/jammy | * |
| Gnutls28 | Ubuntu | fips-updates/noble | * |
| Gnutls28 | Ubuntu | jammy | * |
| Gnutls28 | Ubuntu | noble | * |
| Gnutls28 | Ubuntu | oracular | * |
| Gnutls28 | Ubuntu | plucky | * |
| Gnutls28 | Ubuntu | questing | * |
| Gnutls28 | Ubuntu | upstream | * |
