CVE-2026-42009
HIGH severity · CVSS 7.5 · CWE-475
7.5CVSS HIGH
Summary
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.
Impact & exploitability
Attack vectorNetwork
Attack complexityLow
Privileges requiredNone
User interactionNone
Confidentiality impactNone
Integrity impactNone
Availability impactHigh
Exploit probability (EPSS)1%
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Affected products we track (1)
Recommendation
Apply the vendor fix promptly. Open any affected product above for its exact safe version.
Additional information
- NVD record
- https://access.redhat.com/errata/RHSA-2026:13274Advisory
- https://access.redhat.com/errata/RHSA-2026:20611Advisory
- https://access.redhat.com/errata/RHSA-2026:20612Advisory
- https://access.redhat.com/errata/RHSA-2026:20613Advisory
- https://access.redhat.com/errata/RHSA-2026:26319
- https://access.redhat.com/errata/RHSA-2026:26409
- https://access.redhat.com/security/cve/CVE-2026-42009Advisory
- https://bugzilla.redhat.com/show_bug.cgi?id=2467279Advisory