CVE-2026-42009

Discovered by AISLE | PUBLISHED | CWE-475

Description

A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.
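The bug class described above, shown as an added example: this is not GnuTLS code, and the page does not show the actual comparator. The `struct pkt` type, both comparators and the sample data are hypothetical; the defective shape (never returning 0 for equal sequence numbers) is an assumption chosen to illustrate CWE-475, next to a corrected comparator and a contract check usable in a unit test.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>

/* Hypothetical record: a buffered datagram keyed by its sequence number. */
struct pkt { uint64_t seq; int id; };

/* Assumed defective shape: never returns 0, so two records with the same
 * seq each compare "greater" than the other, breaking qsort's contract. */
static int cmp_broken(const void *a, const void *b)
{
    const struct pkt *x = a, *y = b;
    return x->seq < y->seq ? -1 : 1;
}

/* Corrected shape: a consistent order that returns 0 for equal keys. */
static int cmp_fixed(const void *a, const void *b)
{
    const struct pkt *x = a, *y = b;
    return (x->seq > y->seq) - (x->seq < y->seq);
}

static int sign(int v) { return (v > 0) - (v < 0); }

/* Counts pairs (including an element with itself) that violate the rule
 * sign(cmp(a,b)) == -sign(cmp(b,a)) required of a qsort comparator. */
static size_t contract_violations(int (*cmp)(const void *, const void *),
                                  const struct pkt *v, size_t n)
{
    size_t bad = 0;
    for (size_t i = 0; i < n; i++)
        for (size_t j = i; j < n; j++)
            if (sign(cmp(&v[i], &v[j])) != -sign(cmp(&v[j], &v[i])))
                bad++;
    return bad;
}

/* Constructed sample: sequence number 7 appears twice. */
static const struct pkt sample[] = { {9, 0}, {7, 1}, {8, 2}, {7, 3} };
#define SAMPLE_N (sizeof sample / sizeof sample[0])

int main(void)
{
    printf("broken: %zu violations\n",
           contract_violations(cmp_broken, sample, SAMPLE_N));
    printf("fixed:  %zu violations\n",
           contract_violations(cmp_fixed, sample, SAMPLE_N));
    return 0;
}
```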

CVSS Base Scores

CVSS v3.1 (Primary): 7.5

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Affected Products

| Vendor | Product | Version | Status |
|---|---|---|---|
| Red Hat | GnuTLS | 0:3.6.16-8.el8_10.6 | unaffected |
| Red Hat | GnuTLS | 3.8.13-1.hum1 | |

Credits

  • Red Hat would like to thank Joshua Rogers (AISLE Research Team) for reporting this issue.

References