← voltar
CVE-2026-42012

Gnutls: gnutls: certificate validation bypass due to improper handling of uri and srv sans

CVSS 7.1 HIGHEPSS 0.3%CWE-295
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 7.1EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch referenciado
Ciclo de vida
26 mai 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
A flaw was found in gnutls. A remote attacker could exploit this vulnerability by presenting a specially crafted certificate that contains Uniform Resource Identifier (URI) or Service (SRV) Subject Alternative Names (SANs). This could cause the certificate validation process to incorrectly fall back to checking DNS hostnames against the Common Name (CN), potentially allowing the attacker to spoof legitimate services or intercept sensitive information.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:N
Produtos afetados
Red Hat · Red Hat Discovery 2Red Hat · Red Hat Enterprise Linux 10Red Hat · Red Hat Enterprise Linux 10.0 Extended Update SupportRed Hat · Red Hat Enterprise Linux 6Red Hat · Red Hat Enterprise Linux 7Red Hat · Red Hat Enterprise Linux 8Red Hat · Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update SupportRed Hat · Red Hat Enterprise Linux 8.6 Extended Update Support Long-Life Add-OnRed Hat · Red Hat Enterprise Linux 8.8 Telecommunications Update ServiceRed Hat · Red Hat Enterprise Linux 8.8 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9Red Hat · Red Hat Enterprise Linux 9.4 Update Services for SAP SolutionsRed Hat · Red Hat Enterprise Linux 9.6 Extended Update SupportRed Hat · Red Hat Hardened ImagesRed Hat · Red Hat OpenShift Container Platform 4Red Hat · Red Hat Update Infrastructure 5

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://access.redhat.com/errata/RHSA-2026:20611https://access.redhat.com/errata/RHSA-2026:20612https://access.redhat.com/errata/RHSA-2026:20613https://access.redhat.com/errata/RHSA-2026:26319https://access.redhat.com/errata/RHSA-2026:26409https://access.redhat.com/errata/RHSA-2026:29197https://access.redhat.com/errata/RHSA-2026:30004https://access.redhat.com/errata/RHSA-2026:30849https://access.redhat.com/errata/RHSA-2026:30850https://access.redhat.com/errata/RHSA-2026:32962https://access.redhat.com/security/cve/CVE-2026-42012https://bugzilla.redhat.com/show_bug.cgi?id=2467441