Denial of Service Vulnerability in GnuTLS
CVE-2025-14831

5.3 MEDIUM

What is CVE-2025-14831?

A vulnerability in GnuTLS allows an attacker to cause denial of service (DoS) with specially crafted malicious certificates. These certificates may include a large number of name constraints and subject alternative names (SANs), and processing them results in excessive consumption of CPU and memory resources. This issue can severely impact performance and availability, so affected users should apply the latest security patches.

Affected Version(s)

Red Hat AI Inference Server 3.2 sha256:54616c9f3e4d27120504b0b2020432ef3ff85286a50de7be842f05df0cfcd69e

Red Hat AI Inference Server 3.3 sha256:0ec114881d9dcd28a5dbbb2ec0ea1301ad87d5ae133121ce8167ef29d19802cc

Red Hat AI Inference Server 3.3 sha256:813ba7ccd1696b44deb90d9e6cd8af114bdb47781eae7f27246a81fba062a892

CVSS V3.1

  • Score: 5.3
  • Severity: MEDIUM
  • Confidentiality: None
  • Integrity: None
  • Availability: None
  • Attack Vector: Network
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
