← Back to CVE List
CVE-2026-33845NVD
Vulnerability Summary
A flaw in GnuTLS DTLS handshake parsing allows malformed fragments with zero length and non-zero offset, leading to an integer underflow during reassembly and resulting in an out-of-bounds read. This issue is remotely exploitable and may cause information disclosure or denial of service.
CVSS v3.1 Base Metrics
Attack VectorNetwork
Attack ComplexityLow
Privileges RequiredNone
User InteractionNone
ScopeUnchanged
ConfidentialityNone
IntegrityNone
AvailabilityHigh
External References
- https://access.redhat.com/errata/RHSA-2026:13274
- https://access.redhat.com/errata/RHSA-2026:20611
- https://access.redhat.com/errata/RHSA-2026:20612
- https://access.redhat.com/errata/RHSA-2026:20613
- https://access.redhat.com/errata/RHSA-2026:26319
- https://access.redhat.com/errata/RHSA-2026:26409
- https://access.redhat.com/errata/RHSA-2026:29197
- https://access.redhat.com/errata/RHSA-2026:30004
- https://access.redhat.com/errata/RHSA-2026:30849
- https://access.redhat.com/errata/RHSA-2026:30850
- https://access.redhat.com/errata/RHSA-2026:32962
- https://access.redhat.com/errata/RHSA-2026:33125
- https://access.redhat.com/errata/RHSA-2026:34372
- https://access.redhat.com/security/cve/CVE-2026-33845
- https://bugzilla.redhat.com/show_bug.cgi?id=2450624
- https://access.redhat.com/errata/RHSA-2026:13274
- https://access.redhat.com/errata/RHSA-2026:20611
- https://access.redhat.com/errata/RHSA-2026:20612
- https://access.redhat.com/errata/RHSA-2026:20613
- https://access.redhat.com/errata/RHSA-2026:26319
- https://access.redhat.com/errata/RHSA-2026:26409
- https://access.redhat.com/errata/RHSA-2026:29197
- https://access.redhat.com/errata/RHSA-2026:30004
- https://access.redhat.com/errata/RHSA-2026:30849
- https://access.redhat.com/errata/RHSA-2026:30850
- https://access.redhat.com/errata/RHSA-2026:32962
- https://access.redhat.com/errata/RHSA-2026:33125
- https://access.redhat.com/errata/RHSA-2026:34372
- https://access.redhat.com/security/cve/CVE-2026-33845
- https://bugzilla.redhat.com/show_bug.cgi?id=2450624
- https://security.access.redhat.com/data/csaf/v2/vex/2026/cve-2026-33845.json