CVE-2025-6395 MEDIUM

CVE-2025-6395: Gnutls: null pointer dereference in _gnutls_figure_common_ciphersuite()

Vendor Red Hat
Product Red Hat Enterprise Linux 6
Weakness CWE-476
Published July 10, 2025
Last update June 30, 2026

CVSS base score

6.5/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality None
Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H

What the vulnerability does

01Description

A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().

Key dates

02Disclosure timeline

July 10, 2025 CVE published
June 30, 2026 Record updated