TLS Handshake Vulnerability in GnuTLS Affecting Remote Connections
CVE-2026-3832

3.7LOW

Key Information:

Vendor

Red Hat
Status
Red Hat Enterprise Linux 10
Red Hat Enterprise Linux 6
Red Hat Enterprise Linux 7
Red Hat Enterprise Linux 8
Vendor
CVE Published:
30 April 2026

What is CVE-2026-3832?

A flaw in GnuTLS may enable a remote attacker to exploit Online Certificate Status Protocol (OCSP) responses during a TLS handshake. Specifically, due to a logic error in how GnuTLS processes multi-record OCSP responses, clients with OCSP verification enabled may mistakenly accept a revoked server certificate. This defect can lead to a compromise of trust between clients and servers, potentially allowing for unauthorized access and exploitation.

References

https://access.redhat.com/security/cve/CVE-2026-3832
vdb-entryx_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=2445762
issue-trackingx_refsource_REDHAT
https://gitlab.com/gnutls/gnutls/-/issues/1801

CVSS V3.1

Score:
3.7
Severity:
LOW
Confidentiality:
Low
Integrity:
None
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.