CVE-2026-42009
CVE-2026-42009 is a high-severity vulnerability with a CVSS v3.1 base score of 7.5/10. A flaw was found in gnutls: a remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. EPSS estimates a 1.23% probability of exploitation in the next 30 days.
Description
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.
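The comparator problem described above is a general C hazard rather than something specific to DTLS: qsort() requires a comparator that induces a consistent total order, and one that never reports equality, or reports it inconsistently, violates that contract, so a buffer containing duplicate sequence numbers (a retransmitted record, for instance) can come out scrambled or trigger undefined behaviour. The block below is an added illustration written for this page; it is not gnutls source code and not a reconstruction of the actual fix. It places a hypothetical flawed comparator of that class beside a hardened one that orders records by (epoch, sequence number) and returns 0 for duplicates, and adds a property check a reviewer can run over a constructed reorder buffer. The record layout, function names and sample values are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed record shape for the example (not gnutls' own structures):
 * DTLS 1.2 records carry a 16-bit epoch and a 48-bit sequence number. */
typedef struct {
    uint16_t epoch;
    uint64_t seq;   /* 48-bit DTLS sequence number held in 64 bits */
    size_t   len;
} dtls_record_t;

/* Hypothetical flawed comparator of the class the advisory describes: it never
 * returns 0, so for two records with the same sequence number both cmp(a,b)
 * and cmp(b,a) claim "less than". qsort() requires a consistent total order;
 * feeding it an inconsistent comparator is undefined behaviour. */
static int cmp_seq_broken(const void *pa, const void *pb)
{
    const dtls_record_t *a = pa, *b = pb;
    return a->seq < b->seq ? -1 : 1;
}

/* Hardened comparator: orders by epoch, then sequence number, and returns 0
 * on a tie so duplicates are a well-defined "equal" rather than a hazard. */
static int cmp_seq_fixed(const void *pa, const void *pb)
{
    const dtls_record_t *a = pa, *b = pb;
    if (a->epoch != b->epoch) return a->epoch < b->epoch ? -1 : 1;
    if (a->seq   != b->seq)   return a->seq   < b->seq   ? -1 : 1;
    return 0;
}

/* Property check: a comparator must be reflexive (cmp(x,x) == 0) and
 * antisymmetric (sign(cmp(a,b)) == -sign(cmp(b,a))) over every pair.
 * Returns 1 when cmp is consistent on the given records, 0 otherwise. */
int comparator_is_consistent(int (*cmp)(const void *, const void *),
                             const dtls_record_t *recs, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (cmp(&recs[i], &recs[i]) != 0) return 0;
        for (size_t j = 0; j < n; j++) {
            int ab = cmp(&recs[i], &recs[j]);
            int ba = cmp(&recs[j], &recs[i]);
            if ((ab < 0 && ba <= 0) || (ab > 0 && ba >= 0) ||
                (ab == 0 && ba != 0))
                return 0;
        }
    }
    return 1;
}

/* Constructed reorder buffer: out-of-order delivery, one record from the
 * previous epoch, and two duplicated sequence numbers (retransmits). */
#define SAMPLE_N 6
static const dtls_record_t sample_buffer[SAMPLE_N] = {
    {1, 5, 100}, {1, 2, 80}, {1, 5, 100}, {0, 9, 40}, {1, 3, 60}, {1, 2, 80},
};

size_t sample_count(void) { return SAMPLE_N; }
const dtls_record_t *sample_records(void) { return sample_buffer; }

/* Copies the sample into out, sorts it with the hardened comparator, and
 * returns 1 when the result is non-decreasing by (epoch, seq). */
int sort_sample_and_verify(dtls_record_t out[SAMPLE_N])
{
    memcpy(out, sample_buffer, sizeof sample_buffer);
    qsort(out, SAMPLE_N, sizeof *out, cmp_seq_fixed);
    for (size_t i = 1; i < SAMPLE_N; i++)
        if (cmp_seq_fixed(&out[i - 1], &out[i]) > 0) return 0;
    return 1;
}

int main(void)
{
    dtls_record_t out[SAMPLE_N];
    printf("broken comparator consistent: %d\n",
           comparator_is_consistent(cmp_seq_broken, sample_buffer, SAMPLE_N));
    printf("fixed comparator consistent:  %d\n",
           comparator_is_consistent(cmp_seq_fixed, sample_buffer, SAMPLE_N));
    printf("sorted with fixed comparator: %d\n", sort_sample_and_verify(out));
    for (size_t i = 0; i < SAMPLE_N; i++)
        printf("  epoch=%u seq=%llu\n", out[i].epoch, (unsigned long long)out[i].seq);
    return 0;
}
```

The pairwise check is quadratic, so it belongs in a unit test over a small buffer, not on the packet path; there it catches this whole class of defect regardless of which library or sort routine is involved. With the hardened comparator, duplicates land adjacent to each other, which is exactly where a replay or deduplication step wants them.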
Metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Decoded: network attack vector, low attack complexity, no privileges or user interaction required, scope unchanged; no confidentiality or integrity impact, high availability impact (denial of service).
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Gnu | Gnutls | All versions |
| Redhat | Hardened Images | All versions |
| Redhat | Openshift Container Platform | 4.0 |
| Redhat | Enterprise Linux | 6.0 |
| Redhat | Enterprise Linux | 7.0 |
| Redhat | Enterprise Linux | 8.0 |
| Redhat | Enterprise Linux For Els | 8.10 |
| Redhat | Enterprise Linux For Ibm Z Systems | 8.0_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Els | 8.10 |
| Redhat | Enterprise Linux For Power Little Endian | 8.0_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Els | 8.10 |
| Redhat | Enterprise Linux | 9.0 |
| Redhat | Enterprise Linux | 9.8 |
| Redhat | Enterprise Linux For Els | 9.8 |
| Redhat | Enterprise Linux For Eus | 9.8 |
| Redhat | Enterprise Linux For Ibm Z Systems | 9.0_s390x |
| Redhat | Enterprise Linux For Ibm Z Systems Els | 9.8 |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 9.8 |
| Redhat | Enterprise Linux For Power Little Endian | 9.0_ppc64le |
| Redhat | Enterprise Linux For Power Little Endian Els | 9.8 |
| Redhat | Enterprise Linux For Power Little Endian Eus | 9.8 |
| Redhat | Enterprise Linux For Update Services For Sap Solutions | 9.8 |
| Redhat | Enterprise Linux Server For Power Little Endian Update Services For Sap Solutions | 9.8 |
| Redhat | Enterprise Linux | 10.0 |
| Redhat | Enterprise Linux | 10.2 |
| Redhat | Enterprise Linux For Els | 10.2 |
| Redhat | Enterprise Linux For Eus | 10.2 |
| Redhat | Enterprise Linux For Ibm Z Systems | 10.2 |
| Redhat | Enterprise Linux For Ibm Z Systems Els | 10.2 |
| Redhat | Enterprise Linux For Ibm Z Systems Eus | 10.2 |
| Redhat | Enterprise Linux For Power Little Endian | 10.0 |
| Redhat | Enterprise Linux For Power Little Endian | 10.2 |
| Redhat | Enterprise Linux For Power Little Endian Els | 10.2 |
| Redhat | Enterprise Linux For Power Little Endian Eus | 10.2 |
References
- https://access.redhat.com/errata/RHSA-2026:13274 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2026:20611 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2026:20612 (Third Party Advisory)
- https://access.redhat.com/errata/RHSA-2026:20613 (Third Party Advisory)
- https://access.redhat.com/security/cve/CVE-2026-42009 (Third Party Advisory)
- https://bugzilla.redhat.com/show_bug.cgi?id=2467279 (Issue Tracking, Third Party Advisory)
Source: NVD / NIST
