A flaw in GnuTLS DTLS handshake parsing allows malformed...
High severity
Unreviewed
Published
Apr 30, 2026
to the GitHub Advisory Database
•
Updated Jul 6, 2026
Description
Published by the National Vulnerability Database
Apr 30, 2026
Published to the GitHub Advisory Database
Apr 30, 2026
Last updated
Jul 6, 2026
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.
References