CVE-2026-3832
OCSP Response Handling Flaw in GnuTLS
Publication date: 2026-04-30
Last updated on: 2026-05-03
Assigner: Red Hat, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| gnutls | gnutls | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-179 | The product validates input before applying protection mechanisms that modify the input, which could allow an attacker to bypass the validation via dangerous inputs that only arise after the modification. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2026-3832 is a security flaw in GnuTLS related to how it processes Online Certificate Status Protocol (OCSP) responses during a TLS handshake.
When a server presents a multi-record OCSP response, GnuTLS incorrectly reads the certificate status from the first record regardless of which record matches the server certificate.
This means that if the first record indicates a valid certificate but a later record shows the server certificate as revoked, the client may mistakenly accept the revoked certificate.
How can this vulnerability impact me? :
This vulnerability can lead to a security bypass where clients with OCSP verification enabled may accept revoked server certificates.
Accepting a revoked certificate undermines the trust model of TLS, potentially allowing attackers to impersonate servers or intercept encrypted communications.
The impact is considered low severity but can result in compromised trust and security in communications relying on GnuTLS for certificate validation.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability involves the acceptance of revoked server certificates due to improper OCSP response processing in GnuTLS. Detection involves monitoring TLS handshakes where OCSP stapling is used and verifying if revoked certificates are incorrectly accepted.
You can detect this issue by capturing and analyzing TLS handshake traffic with OCSP stapling enabled, then inspecting the OCSP responses for multi-record responses where the first record indicates a valid certificate but a later record indicates revocation.
Suggested commands include using tools like OpenSSL or GnuTLS utilities to perform OCSP checks manually and verify certificate status, for example:
- Use OpenSSL to connect and view OCSP stapling response: `openssl s_client -connect <server>:443 -status`
- Use GnuTLS client debug to check OCSP stapling: `gnutls-cli --print-cert --ocsp --priority NORMAL <server>`
By comparing the OCSP response records and their statuses, you can identify if a revoked certificate is being incorrectly accepted due to the vulnerability.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include disabling OCSP verification or OCSP stapling in GnuTLS clients until a patched version is applied.
Alternatively, update GnuTLS to a version where this vulnerability is fixed, which involves correcting the logic to use the matched OCSP record index when checking certificate status.
As a temporary workaround, avoid relying solely on OCSP stapling for certificate revocation checking and consider using CRL (Certificate Revocation Lists) or other revocation mechanisms.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability in GnuTLS allows a client to incorrectly accept revoked server certificates during TLS handshakes when OCSP verification is enabled. Accepting revoked certificates can undermine the trustworthiness of secure communications, potentially exposing sensitive data to interception or manipulation.
Such a flaw could negatively impact compliance with security requirements in common standards and regulations like GDPR and HIPAA, which mandate strong protections for data in transit and require the use of valid, trusted certificates to ensure confidentiality and integrity.
By allowing revoked certificates to be accepted, this vulnerability may increase the risk of unauthorized access or data breaches, thereby complicating adherence to these regulatory frameworks.