Cyber Posture

CVE-2025-32988

Medium

Published: 10 July 2025

Published
10 July 2025
Modified
20 April 2026
KEV Added
Patch
CVSS Score 6.5 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H
EPSS Score 0.0023 45.4th percentile
Risk Priority 13 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-32988 is a medium-severity Double Free (CWE-415) vulnerability in Redhat Enterprise Linux. Its CVSS base score is 6.5 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked at the 45.4th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog.

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploit Public-Facing Application (T1190).
Threat & Defense Details

MITRE ATT&CK Enterprise TechniquesAI

T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
attack.mitre.org →
Why these techniques?

Remote unauthenticated trigger of memory corruption in GnuTLS (used by network services) directly enables exploitation of public-facing applications for DoS/memory impact.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v18.1

NVD Description

A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will…

more

call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.

Deeper analysisAI

CVE-2025-32988 is a double-free vulnerability in the GnuTLS library, caused by incorrect ownership handling in the export logic for Subject Alternative Name (SAN) entries containing an otherName. When the type-id OID is invalid or malformed, GnuTLS calls asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This flaw, classified under CWE-415, affects GnuTLS and was published on 2025-07-10 with a CVSS v3.1 base score of 6.5 (AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H).

The vulnerability can be triggered remotely by unauthenticated attackers using only public GnuTLS APIs, though it requires high attack complexity. Successful exploitation may result in denial of service or memory corruption, depending on the behavior of the underlying memory allocator.

Red Hat has released multiple errata addressing this vulnerability, including RHSA-2025:16115, RHSA-2025:16116, RHSA-2025:17181, RHSA-2025:17348, and RHSA-2025:17361, which provide updated packages or patches for affected systems.

Details

CWE(s)
CWE-415

Affected Products

gnu
gnutls
≤ 3.8.10
redhat
openshift container platform
4.0
redhat
enterprise linux
10.0, 6.0, 7.0, 8.0, 9.0

CVEs Like This One

CVE-2026-33845Same product: Gnu Gnutls
CVE-2025-32990Same product: Gnu Gnutls
CVE-2025-0678Same product: Redhat Enterprise Linux
CVE-2026-3441Same product: Redhat Enterprise Linux
CVE-2026-3442Same product: Redhat Enterprise Linux
CVE-2024-45782Same product: Redhat Enterprise Linux
CVE-2026-5121Same product: Redhat Enterprise Linux
CVE-2026-4424Same product: Redhat Enterprise Linux
CVE-2026-1584Same product: Gnu Gnutls
CVE-2026-23918Shared CWE-415

References