CVE-2025-14831

A flaw was found in GnuTLS. This vulnerability allows a denial of service (DoS) by excessive CPU (Central Processing Unit) and memory consumption via specially crafted malicious certificates containing a large number of name constraints and subject alternative names (SANs).

References

https://access.redhat.com/errata/RHSA-2026:13812

https://access.redhat.com/errata/RHSA-2026:3477

https://access.redhat.com/errata/RHSA-2026:4188

https://access.redhat.com/errata/RHSA-2026:4655

https://access.redhat.com/errata/RHSA-2026:4943

https://access.redhat.com/errata/RHSA-2026:5585

https://access.redhat.com/errata/RHSA-2026:5606

https://access.redhat.com/errata/RHSA-2026:6618

https://access.redhat.com/errata/RHSA-2026:6630

https://access.redhat.com/errata/RHSA-2026:6737

https://access.redhat.com/errata/RHSA-2026:6738

https://access.redhat.com/errata/RHSA-2026:7329

https://access.redhat.com/errata/RHSA-2026:7335

https://access.redhat.com/errata/RHSA-2026:7477

https://access.redhat.com/errata/RHSA-2026:8746

https://access.redhat.com/errata/RHSA-2026:8747

https://access.redhat.com/errata/RHSA-2026:8748

https://access.redhat.com/security/cve/CVE-2025-14831

https://bugzilla.redhat.com/show_bug.cgi?id=2423177

https://gitlab.com/gnutls/gnutls/-/issues/1773