FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

GnuTLS -- Stack write buffer overflow

Affected packages
gnutls < 3.8.11

Details

VuXML ID b6835edf-c6c8-11f0-8471-74563cf9e4e9
Discovery 2025-11-18
Entry 2025-11-21

GnuTLS reports:

When a PKCS#11 token is initialized with gnutls_pkcs11_token_init function and it is passed a token label longer than 32 characters, it may write past the boundary of stack allocated memory.

[source]

References

CVE Name CVE-2025-9820
URL https://gnutls.org/security-new.html#GNUTLS-SA-2025-11-18

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.