oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

gnutls 3.8.11 released with fix for CVE-2025-9820

From: Alan Coopersmith <alan.coopersmith () oracle com>
Date: Thu, 20 Nov 2025 10:48:38 -0800
https://www.gnutls.org/security-new.html#GNUTLS-SA-2025-11-18 reports:


GNUTLS-SA-2025-11-18
CVE-2025-9820 Severity Low; Stack write buffer overflow 
When a PKCS#11 token is initialized with gnutls_pkcs11_token_init function and
it is passed a token label longer than 32 characters, it may write past the
boundary of stack allocated memory. The issue was reported in the issue tracker
as #1732.  <https://gitlab.com/gnutls/gnutls/-/issues/1732>

Recommendation: Given the length limit is imposed by the PKCS#11 standard,
the application should check and reject longer label exceeding the limit,
though this was unclear in the GnuTLS documentation. If it is not feasible for
some reason, we would recommend upgrading GnuTLS to 3.8.11 or later versions.
The issue could also be effectively mitigated if you compile the library with
-D_FORTIFY_SOURCE=2.



-------- Forwarded Message --------
Subject: gnutls 3.8.11 released
Date: Thu, 20 Nov 2025 11:57:06 +0900
From: Daiki Ueno <ueno () gnu org>
To: gnutls-help () lists gnutls org
CC: info-gnu () gnu org

Hello,

We have just released gnutls-3.8.11. This is a bug fix, security and
enhancement release on the 3.8.x branch.

We would like to thank everyone who contributed in this release:
Alexander Sosedkin, Alistair Francis, chenjianhu, Daiki Ueno, Daniel
P. Berrangé, David Dudas, fundawang, Hannes Reinecke, Jiasheng Jiang,
Karthik Das, Maxim Cournoyer, Samuel Zeter, Wilfred Mallawa, and Zoltan
Fridrich.

The detailed list of changes follows:

* Version 3.8.11 (released 2025-11-18)

** libgnutls: Fix stack overwrite in gnutls_pkcs11_token_init
   Reported by Luigino Camastra from Aisle Research. [GNUTLS-SA-2025-11-18,
   CVSS: low] [CVE-2025-9820]

** libgnutls: MAC algorithms for PSK binders is now configurable
   The previous implementation assumed HMAC-SHA256 to calculate the
   PSK binders. With the new gnutls_psk_allocate_client_credentials2()
   and gnutls_psk_allocate_server_credentials2() functions, the
   application can use other MAC algorithms such as HMAC-SHA384.

** libgnutls: Expose a new function to provide the maximum record send size
   A new function gnutls_record_get_max_send_size() has been added to
   determine the maximum size of a TLS record to be sent to the peer.

** libgnutls: Expose a new function to update keys without sending a KeyUpdate
   to the peer. A new function gnutls_handshake_update_receiving_key()
   has been added to allow updating the local receiving key without
   sending any KeyUpdate messages.

** libgnutls: PKCS#11 cryptographic provider configuration takes a token URI
   instead of a module path. To allow using a PKCS#11 module exposing
   multiple tokens, the "path" configuration keyword was replaced with
   the "url" keyword.

** libgnutls: Support crypto-auditing probe points
   crypto-auditing is a project to monitor which cryptographic
   operations are taking place in the library at run time, through
   eBPF. This adds necessary probe points for that, in public key
   cryptography and the TLS use-case. To enable this, run configure
   with --enable-crypto-auditing.

** build: The minimum version of Nettle has been updated to 3.10
   Given Nettle 3.10 is ABI compatible with 3.6 and includes several
   security relevant fixes, the library's minimum requirement of
   Nettle is updated to 3.10.

** build: The default priority file path is now constructed from sysconfdir
   Previously, the location of the default priority file was
   hard-coded to be /etc/gnutls/config. Now it takes into account of
   the --sysconfdir option given to the configure script.

** API and ABI modifications:
gnutls_psk_allocate_client_credentials2: New function
gnutls_psk_allocate_server_credentials2: New function
gnutls_record_get_max_send_size: New function
gnutls_handshake_update_receiving_key: New function
gnutls_audit_push_context: New function
gnutls_audit_pop_context: New function
gnutls_audit_current_context: New function

Getting the Software
================

GnuTLS may be downloaded directly from
https://www.gnupg.org/ftp/gcrypt/
A list of GnuTLS mirrors can be found at
http://www.gnutls.org/download.html

Here are the XZ compressed sources:
https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/gnutls-3.8.11.tar.xz

Here are OpenPGP detached signatures signed using key:
462225C3B46F34879FC8496CD605848ED7E69871
https://www.gnupg.org/ftp/gcrypt/gnutls/v3.8/gnutls-3.8.11.tar.xz.sig

Note that it has been signed with my openpgp key:
pub   rsa4096 2009-07-23 [SC] [expires: 2026-06-29]
      462225C3B46F34879FC8496CD605848ED7E69871
uid           [ultimate] Daiki Ueno <ueno () unixuser org>
uid           [ultimate] Daiki Ueno <ueno () gnu org>
sub   rsa4096 2010-02-04 [E]

Regards,
--
Daiki Ueno
Previous By Date Next
Previous By Thread Next

Current thread: