CVE Vulnerabilities

CVE-2026-33845

Integer Underflow (Wrap or Wraparound)

Published: Apr 30, 2026 | Modified: Jul 07, 2026
CVSS 3.x
9.1
CRITICAL
Source:
NVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
CVSS 2.x
RedHat/V2
RedHat/V3
7.5 IMPORTANT
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Ubuntu
MEDIUM
root.io logo minimus.io logo echo.ai logo

A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.

Weakness

The product subtracts one value from another, such that the result is less than the minimum allowable integer value, which produces a value that is not equal to the correct result.

Affected Software

NameVendorStart VersionEnd Version
GnutlsGnu- (including)- (including)
Openshift_container_platformRedhat4.0 (including)4.0 (including)
Enterprise_linuxRedhat6.0 (including)6.0 (including)
Enterprise_linuxRedhat7.0 (including)7.0 (including)
Enterprise_linuxRedhat8.0 (including)8.0 (including)
Enterprise_linuxRedhat9.0 (including)9.0 (including)
Enterprise_linuxRedhat10.0 (including)10.0 (including)
Red Hat Enterprise Linux 10RedHatgnutls-0:3.8.10-4.el10_2*
Red Hat Enterprise Linux 10.0 Extended Update SupportRedHatgnutls-0:3.8.9-9.el10_0.19*
Red Hat Enterprise Linux 7 Extended Lifecycle SupportRedHatgnutls-0:3.3.29-9.el7_9.1*
Red Hat Enterprise Linux 8RedHatgnutls-0:3.6.16-8.el8_10.6*
Red Hat Enterprise Linux 8RedHatgnutls-0:3.6.16-8.el8_10.6*
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRedHatgnutls-0:3.6.14-10.el8_4.1*
Red Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRedHatlibtasn1-0:4.13-3.el8_4.1*
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRedHatgnutls-0:3.6.14-10.el8_4.1*
Red Hat Enterprise Linux 8.4 Extended Update Support Long-Life Add-OnRedHatlibtasn1-0:4.13-3.el8_4.1*
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRedHatgnutls-0:3.6.16-5.el8_6.5*
Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRedHatlibtasn1-0:4.13-3.el8_6.2*
Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-OnRedHatgnutls-0:3.6.16-5.el8_6.5*
Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-OnRedHatlibtasn1-0:4.13-3.el8_6.2*
Red Hat Enterprise Linux 8.8 Telecommunications Update ServiceRedHatgnutls-0:3.6.16-7.el8_8.4*
Red Hat Enterprise Linux 8.8 Telecommunications Update ServiceRedHatlibtasn1-0:4.13-4.el8_8.1*
Red Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRedHatgnutls-0:3.6.16-7.el8_8.4*
Red Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRedHatlibtasn1-0:4.13-4.el8_8.1*
Red Hat Enterprise Linux 9RedHatgnutls-0:3.8.10-4.el9_8*
Red Hat Enterprise Linux 9RedHatgnutls-0:3.8.10-4.el9_8*
Red Hat Enterprise Linux 9.4 Update Services for SAP SolutionsRedHatgnutls-0:3.8.3-4.el9_4.6*
Red Hat Enterprise Linux 9.6 Extended Update SupportRedHatgnutls-0:3.8.3-6.el9_6.4*
Red Hat AI Inference Server 3.2RedHatrhaiis/model-opt-cuda-rhel9:1782951051*
Red Hat AI Inference Server 3.2RedHatrhaiis/vllm-cuda-rhel9:1782951012*
Red Hat AI Inference Server 3.2RedHatrhaiis/vllm-rocm-rhel9:1782951244*
Red Hat Discovery 2RedHatdiscovery/discovery-server-rhel9:1782159791*
Red Hat Discovery 2RedHatdiscovery/discovery-ui-rhel9:1782166952*
Red Hat Hardened ImagesRedHatgnutls-main-3.8.13-1.hum1*
Red Hat Update Infrastructure 5RedHatrhui5/cds-rhel9:1781525684*
Red Hat Update Infrastructure 5RedHatrhui5/haproxy-rhel9:1781525671*
Red Hat Update Infrastructure 5RedHatrhui5/installer-rhel9:1781525693*
Red Hat Update Infrastructure 5RedHatrhui5/rhua-rhel9:1781525739*
Gnutls28Ubuntuesm-infra/focal*
Gnutls28Ubuntuesm-infra/xenial*
Gnutls28Ubuntufips-preview/jammy*
Gnutls28Ubuntufips-updates/jammy*
Gnutls28Ubuntufips-updates/noble*
Gnutls28Ubuntujammy*
Gnutls28Ubuntunoble*
Gnutls28Ubuntuquesting*
Gnutls28Ubunturesolute*
Gnutls28Ubuntuupstream*

References