UBUNTU-CVE-2026-42009
- Source
- https://ubuntu.com/security/CVE-2026-42009
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-42009.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-42009
- Upstream
- Downstream
- Related
- Published
- 2026-04-30T00:00:00Z
- Modified
- 2026-06-02T12:00:08.420027253Z
- Severity
-
- 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Ubuntu - medium
- Summary
- [none]
- Details
-
A flaw was found in gnutls. A remote attacker could exploit an issue in the Datagram Transport Layer Security (DTLS) packet reordering logic. The comparator function, responsible for ordering DTLS packets by sequence numbers, did not correctly handle packets with duplicate sequence numbers. This could lead to unstable packet ordering or undefined behavior, resulting in a denial of service.
- References
Affected packages
Ubuntu:22.04:LTS
gnutls28
Package
- Name
- gnutls28
- Purl
- pkg:deb/ubuntu/gnutls28?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.7.3-4ubuntu1.9
Affected versions
3.*
3.7.1-5ubuntu1
3.7.2-2ubuntu1
3.7.2-4ubuntu1
3.7.2-5ubuntu1
3.7.3-4ubuntu1
3.7.3-4ubuntu1.1
3.7.3-4ubuntu1.2
3.7.3-4ubuntu1.3
3.7.3-4ubuntu1.4
3.7.3-4ubuntu1.5
3.7.3-4ubuntu1.6
3.7.3-4ubuntu1.7
3.7.3-4ubuntu1.8
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "gnutls-bin",
"binary_version": "3.7.3-4ubuntu1.9"
},
{
"binary_name": "guile-gnutls",
"binary_version": "3.7.3-4ubuntu1.9"
},
{
"binary_name": "libgnutls-dane0",
"binary_version": "3.7.3-4ubuntu1.9"
},
{
"binary_name": "libgnutls-openssl27",
"binary_version": "3.7.3-4ubuntu1.9"
},
{
"binary_name": "libgnutls30",
"binary_version": "3.7.3-4ubuntu1.9"
},
{
"binary_name": "libgnutlsxx28",
"binary_version": "3.7.3-4ubuntu1.9"
}
]
}Ubuntu:24.04:LTS
gnutls28
Package
- Name
- gnutls28
- Purl
- pkg:deb/ubuntu/gnutls28?arch=source&distro=noble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.8.3-1.1ubuntu3.6
Affected versions
3.*
3.8.1-4ubuntu1
3.8.1-4ubuntu6
3.8.1-4ubuntu7
3.8.3-1ubuntu1
3.8.3-1.1ubuntu2
3.8.3-1.1ubuntu3
3.8.3-1.1ubuntu3.1
3.8.3-1.1ubuntu3.2
3.8.3-1.1ubuntu3.3
3.8.3-1.1ubuntu3.4
3.8.3-1.1ubuntu3.5
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "gnutls-bin",
"binary_version": "3.8.3-1.1ubuntu3.6"
},
{
"binary_name": "libgnutls-dane0t64",
"binary_version": "3.8.3-1.1ubuntu3.6"
},
{
"binary_name": "libgnutls-openssl27t64",
"binary_version": "3.8.3-1.1ubuntu3.6"
},
{
"binary_name": "libgnutls30t64",
"binary_version": "3.8.3-1.1ubuntu3.6"
}
]
}Ubuntu:25.10
gnutls28
Package
- Name
- gnutls28
- Purl
- pkg:deb/ubuntu/gnutls28?arch=source&distro=questing
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.8.9-3ubuntu2.2
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "gnutls-bin",
"binary_version": "3.8.9-3ubuntu2.2"
},
{
"binary_name": "libgnutls-dane0t64",
"binary_version": "3.8.9-3ubuntu2.2"
},
{
"binary_name": "libgnutls-openssl27t64",
"binary_version": "3.8.9-3ubuntu2.2"
},
{
"binary_name": "libgnutls30t64",
"binary_version": "3.8.9-3ubuntu2.2"
}
]
}Ubuntu:26.04:LTS
gnutls28
Package
- Name
- gnutls28
- Purl
- pkg:deb/ubuntu/gnutls28?arch=source&distro=resolute
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.8.12-2ubuntu1.1
Ecosystem specific
{
"availability": "No subscription required",
"binaries": [
{
"binary_name": "gnutls-bin",
"binary_version": "3.8.12-2ubuntu1.1"
},
{
"binary_name": "libgnutls-dane0t64",
"binary_version": "3.8.12-2ubuntu1.1"
},
{
"binary_name": "libgnutls-openssl27t64",
"binary_version": "3.8.12-2ubuntu1.1"
},
{
"binary_name": "libgnutls30t64",
"binary_version": "3.8.12-2ubuntu1.1"
}
]
}Ubuntu:Pro:16.04:LTS
gnutls28
Package
- Name
- gnutls28
- Purl
- pkg:deb/ubuntu/gnutls28?arch=source&distro=esm-infra%2Fxenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.3.15-5ubuntu2
3.3.18-1ubuntu1
3.3.20-1ubuntu1
3.4.9-2ubuntu1
3.4.10-4ubuntu1
3.4.10-4ubuntu1.1
3.4.10-4ubuntu1.2
3.4.10-4ubuntu1.3
3.4.10-4ubuntu1.4
3.4.10-4ubuntu1.5
3.4.10-4ubuntu1.6
3.4.10-4ubuntu1.7
3.4.10-4ubuntu1.8
3.4.10-4ubuntu1.9
3.4.10-4ubuntu1.9+esm1
3.4.10-4ubuntu1.9+esm2
Ecosystem specific
{
"binaries": [
{
"binary_name": "gnutls-bin",
"binary_version": "3.4.10-4ubuntu1.9+esm2"
},
{
"binary_name": "guile-gnutls",
"binary_version": "3.4.10-4ubuntu1.9+esm2"
},
{
"binary_name": "libgnutls-openssl27",
"binary_version": "3.4.10-4ubuntu1.9+esm2"
},
{
"binary_name": "libgnutls30",
"binary_version": "3.4.10-4ubuntu1.9+esm2"
},
{
"binary_name": "libgnutlsxx28",
"binary_version": "3.4.10-4ubuntu1.9+esm2"
}
]
}Ubuntu:Pro:18.04:LTS
gnutls28
Package
- Name
- gnutls28
- Purl
- pkg:deb/ubuntu/gnutls28?arch=source&distro=esm-infra%2Fbionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.5.8-6ubuntu3
3.5.17-1ubuntu1
3.5.17-1ubuntu3
3.5.18-1ubuntu1
3.5.18-1ubuntu1.1
3.5.18-1ubuntu1.2
3.5.18-1ubuntu1.3
3.5.18-1ubuntu1.4
3.5.18-1ubuntu1.5
3.5.18-1ubuntu1.6
3.5.18-1ubuntu1.6+esm1
3.5.18-1ubuntu1.6+esm2
Ecosystem specific
{
"binaries": [
{
"binary_name": "gnutls-bin",
"binary_version": "3.5.18-1ubuntu1.6+esm2"
},
{
"binary_name": "libgnutls-dane0",
"binary_version": "3.5.18-1ubuntu1.6+esm2"
},
{
"binary_name": "libgnutls-openssl27",
"binary_version": "3.5.18-1ubuntu1.6+esm2"
},
{
"binary_name": "libgnutls30",
"binary_version": "3.5.18-1ubuntu1.6+esm2"
},
{
"binary_name": "libgnutlsxx28",
"binary_version": "3.5.18-1ubuntu1.6+esm2"
}
]
}Ubuntu:Pro:20.04:LTS
gnutls28
Package
- Name
- gnutls28
- Purl
- pkg:deb/ubuntu/gnutls28?arch=source&distro=esm-infra%2Ffocal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Affected versions
3.*
3.6.9-5ubuntu1
3.6.9-5ubuntu2
3.6.10-5
3.6.11.1-2
3.6.11.1-2ubuntu2
3.6.13-2ubuntu1
3.6.13-2ubuntu1.1
3.6.13-2ubuntu1.2
3.6.13-2ubuntu1.3
3.6.13-2ubuntu1.6
3.6.13-2ubuntu1.7
3.6.13-2ubuntu1.8
3.6.13-2ubuntu1.9
3.6.13-2ubuntu1.10
3.6.13-2ubuntu1.11
3.6.13-2ubuntu1.12
3.6.13-2ubuntu1.12+esm1
Ecosystem specific
{
"binaries": [
{
"binary_name": "gnutls-bin",
"binary_version": "3.6.13-2ubuntu1.12+esm1"
},
{
"binary_name": "guile-gnutls",
"binary_version": "3.6.13-2ubuntu1.12+esm1"
},
{
"binary_name": "libgnutls-dane0",
"binary_version": "3.6.13-2ubuntu1.12+esm1"
},
{
"binary_name": "libgnutls-openssl27",
"binary_version": "3.6.13-2ubuntu1.12+esm1"
},
{
"binary_name": "libgnutls30",
"binary_version": "3.6.13-2ubuntu1.12+esm1"
},
{
"binary_name": "libgnutlsxx28",
"binary_version": "3.6.13-2ubuntu1.12+esm1"
}
]
}Ubuntu:Pro:FIPS-preview:22.04:LTS
gnutls28
Package
- Name
- gnutls28
- Purl
- pkg:deb/ubuntu/gnutls28?arch=source&distro=fips-preview%2Fjammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affected
Ecosystem specific
{
"binaries": [
{
"binary_name": "gnutls-bin",
"binary_version": "3.7.3-4ubuntu1.2+Fips1.1"
},
{
"binary_name": "guile-gnutls",
"binary_version": "3.7.3-4ubuntu1.2+Fips1.1"
},
{
"binary_name": "libgnutls-dane0",
"binary_version": "3.7.3-4ubuntu1.2+Fips1.1"
},
{
"binary_name": "libgnutls-openssl27",
"binary_version": "3.7.3-4ubuntu1.2+Fips1.1"
},
{
"binary_name": "libgnutls30",
"binary_version": "3.7.3-4ubuntu1.2+Fips1.1"
},
{
"binary_name": "libgnutlsxx28",
"binary_version": "3.7.3-4ubuntu1.2+Fips1.1"
}
]
}Ubuntu:Pro:FIPS-updates:22.04:LTS
gnutls28
Package
- Name
- gnutls28
- Purl
- pkg:deb/ubuntu/gnutls28?arch=source&distro=fips-updates%2Fjammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.7.3-4ubuntu1.9+Fips1
Affected versions
3.*
3.7.3-4ubuntu1.2+Fips1.1
3.7.3-4ubuntu1.3+Fips1.1
3.7.3-4ubuntu1.4+Fips1
3.7.3-4ubuntu1.5+Fips1
3.7.3-4ubuntu1.6+Fips1
3.7.3-4ubuntu1.7+Fips1
3.7.3-4ubuntu1.7+Fips1.1
3.7.3-4ubuntu1.8+Fips1.1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "gnutls-bin",
"binary_version": "3.7.3-4ubuntu1.9+Fips1"
},
{
"binary_name": "guile-gnutls",
"binary_version": "3.7.3-4ubuntu1.9+Fips1"
},
{
"binary_name": "libgnutls-dane0",
"binary_version": "3.7.3-4ubuntu1.9+Fips1"
},
{
"binary_name": "libgnutls-openssl27",
"binary_version": "3.7.3-4ubuntu1.9+Fips1"
},
{
"binary_name": "libgnutls30",
"binary_version": "3.7.3-4ubuntu1.9+Fips1"
},
{
"binary_name": "libgnutlsxx28",
"binary_version": "3.7.3-4ubuntu1.9+Fips1"
}
]
}Ubuntu:Pro:FIPS-updates:24.04:LTS
gnutls28
Package
- Name
- gnutls28
- Purl
- pkg:deb/ubuntu/gnutls28?arch=source&distro=fips-updates%2Fnoble
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed3.8.3-1.1ubuntu3.6+Fips1.2
Affected versions
3.*
3.8.3-1.1ubuntu3.1+Fips1
3.8.3-1.1ubuntu3.4+Fips1
3.8.3-1.1ubuntu3.4+Fips1.1
3.8.3-1.1ubuntu3.5+Fips1.1
Ecosystem specific
{
"availability": "Available with Ubuntu Pro: https://ubuntu.com/pro",
"binaries": [
{
"binary_name": "gnutls-bin",
"binary_version": "3.8.3-1.1ubuntu3.6+Fips1.2"
},
{
"binary_name": "libgnutls-dane0t64",
"binary_version": "3.8.3-1.1ubuntu3.6+Fips1.2"
},
{
"binary_name": "libgnutls-openssl27t64",
"binary_version": "3.8.3-1.1ubuntu3.6+Fips1.2"
},
{
"binary_name": "libgnutls30t64",
"binary_version": "3.8.3-1.1ubuntu3.6+Fips1.2"
}
]
}