Description

A flaw was found in gnutls. A remote, unauthenticated attacker can exploit this vulnerability by sending a specially crafted ClientHello message with an invalid Pre-Shared Key (PSK) binder value during the TLS handshake. This can lead to a NULL pointer dereference, causing the server to crash and resulting in a remote Denial of Service (DoS) condition.

INFO

Published Date :

2026-04-09T18:00:21.184Z

Last Modified :

2026-05-03T13:15:17.692Z

Source :

redhat
AFFECTED PRODUCTS

The following products are affected by CVE-2026-1584 vulnerability.

Vendors Products
Gnu
  • Gnutls
Redhat
  • Enterprise Linux
  • Hardened Images
  • Hummingbird
  • Openshift
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2026-1584.

URL Resource
https://access.redhat.com/errata/RHSA-2026:7477 cve-icon cve-icon
https://access.redhat.com/security/cve/CVE-2026-1584 cve-icon cve-icon
https://bugzilla.redhat.com/show_bug.cgi?id=2435258 cve-icon cve-icon
https://nvd.nist.gov/vuln/detail/CVE-2026-1584 cve-icon
https://www.cve.org/CVERecord?id=CVE-2026-1584 cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact