CVE-2025-6395

Опубликовано: 10 июл. 2025

Источник: debian

EPSS Низкий

Описание

A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
gnutls28	fixed	3.8.9-3		package

Примечания

https://lists.gnupg.org/pipermail/gnutls-help/2025-July/004883.html
Fixed by: https://gitlab.com/gnutls/gnutls/-/commit/23135619773e6ec087ff2abc65405bd4d5676bad (3.8.10)

EPSS

Процентиль: 16%

0.00053

Низкий

Связанные уязвимости

CVE-2025-6395

CVSS3: 6.5

ubuntu

24 дня назад

A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().

CVE-2025-6395

CVSS3: 6.5

redhat

24 дня назад

A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().

CVE-2025-6395

CVSS3: 6.5

nvd

24 дня назад

A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().

CVE-2025-6395

CVSS3: 6.5

msrc

17 дней назад

Описание отсутствует

GHSA-prf7-7jvx-hxj5

CVSS3: 6.5

github

23 дня назад

A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite(). When it reads certain settings from a template file, it can allow an attacker to cause an out-of-bounds (OOB) NULL pointer write, resulting in memory corruption and a denial of service (DoS) that could crash the system.

EPSS

Процентиль: 16%

0.00053

Низкий