{
  "threat_severity" : "Important",
  "public_date" : "2026-04-29T00:00:00Z",
  "bugzilla" : {
    "description" : "gnutls: gnutls: Denial of Service via DTLS packet reordering vulnerability",
    "id" : "2467279",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2467279"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-475",
  "details" : [ "A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.", "A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service." ],
  "statement" : "The impact for this flaw has been downgraded on Red Hat Enterprise Linux due to the following reason:\n- The number of elements passed to the vulnerable function at runtime is known and is at most 6 and the element size is sufficiently small. glibc’s qsort implementation will not exercise the quick sort code path, which would otherwise cause an infloop or out-of-bound write.",
  "acknowledgement" : "Red Hat would like to thank Joshua Rogers (AISLE Research Team) for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2026-05-26T00:00:00Z",
    "advisory" : "RHSA-2026:20611",
    "cpe" : "cpe:/a:redhat:enterprise_linux:8",
    "package" : "gnutls-0:3.6.16-8.el8_10.6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "release_date" : "2026-05-26T00:00:00Z",
    "advisory" : "RHSA-2026:20611",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8",
    "package" : "gnutls-0:3.6.16-8.el8_10.6"
  }, {
    "product_name" : "Red Hat Hardened Images",
    "release_date" : "2026-05-02T00:00:00Z",
    "advisory" : "RHSA-2026:13274",
    "cpe" : "cpe:/a:redhat:hummingbird:1",
    "package" : "gnutls-main-3.8.13-1.hum1",
    "impact" : "important"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 10",
    "fix_state" : "Affected",
    "package_name" : "gnutls",
    "cpe" : "cpe:/o:redhat:enterprise_linux:10"
  }, {
    "product_name" : "Red Hat Enterprise Linux 6",
    "fix_state" : "Affected",
    "package_name" : "gnutls",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Affected",
    "package_name" : "gnutls",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "fix_state" : "Affected",
    "package_name" : "gnutls",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4",
    "fix_state" : "Affected",
    "package_name" : "rhcos",
    "cpe" : "cpe:/a:redhat:openshift:4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2026-42009\nhttps://nvd.nist.gov/vuln/detail/CVE-2026-42009" ],
  "name" : "CVE-2026-42009",
  "csaw" : false
}