Gnutls update fixes resource consumption and other issues

Monitor vulnerabilities like this one. Sign up free to get alerted when software you use is affected.

Gnutls update fixes resource consumption and other issues

Summary

This update for gnutls fixes a security issue that could cause excessive resource consumption when verifying certain malicious certificates. It also addresses other issues, including a memory leak and incorrect binder calculations. Update your gnutls software to ensure your systems remain secure.

What to do

Update gnutls to version 3.8.3-150600.4.17.1.

Affected software

Vendor	Product	Affected versions	Fix available
–	gnutls	<= 3.8.3-150600.4.17.1	3.8.3-150600.4.17.1
–	gnutls	<= 3.8.3-150600.4.17.1	3.8.3-150600.4.17.1

Original title

Security update for gnutls

Original description

This update for gnutls fixes the following issues:

Security issue:

- CVE-2025-14831: excessive resource consumption when verifying specially crafted malicious certificates containing a
large number of name constraints and subject alternative names (bsc#1257960).

Other updates and bugfixes:

- update libgnutls package to avoid binder getting calculated with SHA256 (bsc#1258083, jsc#PED-15752, jsc#PED-15753).
- lib/psk: Add gnutls_psk_allocate_{client,server}_credentials2
- tests/psk-file: Add testing for _credentials2 functions
- lib/psk: add null check for binder algo
- pre_shared_key: fix memleak when retrying with different binder algo
- pre_shared_key: add null check on pskcred

https://www.suse.com/support/update/announcement/2026/suse-su-20260829-1/ Vendor Advisory
https://bugzilla.suse.com/1257960 Third Party Advisory
https://bugzilla.suse.com/1258083 Third Party Advisory
https://www.suse.com/security/cve/CVE-2025-14831 URL

Published: 5 Mar 2026 · Updated: 6 Mar 2026 · First seen: 6 Mar 2026