Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
Gnutls update fixes excessive resource consumption bug
SUSE-SU-2026:0862-1
Summary
This update addresses a security issue in Gnutls that could cause a denial-of-service (DoS) attack by consuming excessive system resources. The issue is related to how Gnutls handles certain types of malicious certificates. Apply the update to ensure your system remains secure.
What to do
- Update gnutls to version 3.7.3-150400.4.56.1.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| – | gnutls | <= 3.7.3-150400.4.56.1 | 3.7.3-150400.4.56.1 |
| – | gnutls | <= 3.7.3-150400.4.56.1 | 3.7.3-150400.4.56.1 |
Original title
Security update for gnutls
Original description
This update for gnutls fixes the following issues:
- CVE-2025-14831: excessive resource consumption when verifying specially crafted malicious certificates containing
a large number of name constraints and subject alternative names (SANs) (bsc#1257960).
- CVE-2025-14831: excessive resource consumption when verifying specially crafted malicious certificates containing
a large number of name constraints and subject alternative names (SANs) (bsc#1257960).
- https://www.suse.com/support/update/announcement/2026/suse-su-20260862-1/ Vendor Advisory
- https://bugzilla.suse.com/1257960 Third Party Advisory
- https://www.suse.com/security/cve/CVE-2025-14831 URL
Published: 11 Mar 2026 · Updated: 13 Mar 2026 · First seen: 13 Mar 2026