gnutls: Double-free in GnuTLS ASN.1 export logic (Subject Alternative Name otherName) (CVE-2025-32988) #shorts

Summary

In this episode we discuss CVE-2025-32988, a critical double-free vulnerability in GnuTLS that can be triggered remotely via malformed Subject Alternative Name entries. An attacker can exploit this flaw through public GnuTLS APIs to cause denial of service or memory corruption in affected applications.

Product details

GnuTLS is a widely used open-source library for implementing TLS, SSL, and DTLS protocols. It’s bundled in many Linux distributions and container platforms, including SUSE and Red Hat Enterprise Linux up to version 9, as well as OpenShift Container Platform 4.

Vulnerability type summary

This is a double-free vulnerability arising from incorrect ownership handling in the export logic of ASN.1 Subject Alternative Name otherName entries. When an invalid or malformed type-id OID is processed, GnuTLS frees the same ASN.1 structure twice.

Details of the vulnerability

Within GnuTLS’s SAN export code, malformed otherName entries trigger asn1_delete_structure() on a node the library doesn’t own. The parent function then frees it again, leading to memory corruption or crash. Since only public APIs are required, an attacker can craft a malicious certificate or handshake payload over the network to trigger the issue.

Conclusion

Administrators and developers should update GnuTLS to version 3.8.10 or later immediately. SUSE and other vendors have released security patches addressing CVE-2025-32988 along with other fixes. Apply updates, review your TLS-using services, and monitor for unexpected crashes to mitigate risk.

Watch the full video on YouTube: CVE-2025-32988

Remediation and exploitation details

This chain involves the following actors

  • Attacker: Crafts and delivers malformed data to trigger the vulnerability
  • System Administrator: Maintains affected systems and applies updates
  • Software Vendor: Provides patches for the GnuTLS library

This following systems are involved

  • GnuTLS library (Provides cryptographic functions and secure communication protocols): Processes certificates and handles Subject Alternative Name extensions
  • Client or Server Application (Uses GnuTLS for establishing secure connections): Imports and exports certificates through the GnuTLS library

Attack entry point

  • Certificate Parsing Routine: Function in GnuTLS that processes Subject Alternative Name entries using public APIs

Remediation actions

System Administrator
Install the updated GnuTLS package version 3.8.10 or later
Affected hosts
Software Vendor
Release patches correcting the ownership handling in the ASN.1 export logic
GnuTLS library source and binary packages
System Administrator
Apply vendor-supplied patches for enterprise distributions
Red Hat Enterprise Linux and SUSE Linux Enterprise Server

Exploitation actions

Certificate creation with invalid object identifier in SAN entry

Attacker
Generate a certificate with a Subject Alternative Name entry containing an otherName field and a malformed object identifier
Client or Server Application using GnuTLS
Examples:
  • Call gnutls_x509_crt_set_subject_alt_name with type GNUTLS_SAN_OTHERNAME and supply an invalid OID string

Certificate import via public API

Attacker
Load the crafted certificate into the target application so GnuTLS parses it
Client or Server Application using GnuTLS
Examples:
  • Invoke gnutls_x509_crt_import on the crafted certificate data

Export SAN entries with malformed type identifier

Attacker
Invoke the export function for SAN entries to trigger the flawed ownership logic
Client or Server Application using GnuTLS
Examples:
  • Execute gnutls_x509_crt_get_subject_alt_name and then serialize the extension data

Double free of ASN.1 node

Attacker
Cause GnuTLS to free the same ASN.1 node twice—once inside the export logic and once by the caller
GnuTLS library
Examples:
  • Observe asn1_delete_structure being called on the same node twice, leading to memory corruption

Denial of service or arbitrary memory corruption via double free

Attacker
Exploit the resulting memory corruption to cause a denial of service or achieve further corruption
Target Application Process
Examples:
  • Application crashes or behaves unpredictably when handling the malformed SAN entry

Related Content

NOTE: The following related content has not been vetted and may be unsafe.

CVE database technical details

CVE ID
CVE-2025-32988
Description
A flaw was found in GnuTLS. A double-free vulnerability exists in GnuTLS due to incorrect ownership handling in the export logic of Subject Alternative Name (SAN) entries containing an otherName. If the type-id OID is invalid or malformed, GnuTLS will call asn1_delete_structure() on an ASN.1 node it does not own, leading to a double-free condition when the parent function or caller later attempts to free the same structure. This vulnerability can be triggered using only public GnuTLS APIs and may result in denial of service or memory corruption, depending on allocator behavior.
Provider
redhat
CWE / problem types
Double Free
Affected Software Versions
None:None:[{'status': 'affected', 'version': '0', 'lessThan': '3.8.10', 'versionType': 'semver'}],Red Hat:Red Hat Enterprise Linux 10:None,Red Hat:Red Hat Enterprise Linux 6:None,Red Hat:Red Hat Enterprise Linux 7:None,Red Hat:Red Hat Enterprise Linux 8:None,Red Hat:Red Hat Enterprise Linux 9:None,Red Hat:Red Hat OpenShift Container Platform 4:None
Date Published
2025-07-10T08:04:57.991Z
Last Updated
2025-07-25T18:59:24.273Z