Amazon Linux 2023 Security Advisory: ALAS2023-2026-1777
Advisory Released Date: 2026-06-08
Advisory Updated Date: 2026-06-08
Severity:
Important
Issue Overview:
A remotely triggerable underflow in the DTLS reassembly code led to a heap overrun. The issue was reported in the issue tracker as #1811 by Joshua Rogers of AISLE Research Team. (CVE-2026-33845)
Affected Packages:
gnutls
Issue Correction:
Run dnf update gnutls --releasever 2023.12.20260608 or dnf update --advisory ALAS2023-2026-1777 --releasever 2023.12.20260608 to update your system.
More information on how to update your system can be found on this page: Amazon Linux 2023 documentation
New Packages:
aarch64:
gnutls-debuginfo-3.8.3-8.amzn2023.0.4.aarch64
gnutls-dane-debuginfo-3.8.3-8.amzn2023.0.4.aarch64
gnutls-c++-debuginfo-3.8.3-8.amzn2023.0.4.aarch64
gnutls-utils-debuginfo-3.8.3-8.amzn2023.0.4.aarch64
gnutls-debugsource-3.8.3-8.amzn2023.0.4.aarch64
gnutls-c++-3.8.3-8.amzn2023.0.4.aarch64
gnutls-dane-3.8.3-8.amzn2023.0.4.aarch64
gnutls-3.8.3-8.amzn2023.0.4.aarch64
gnutls-utils-3.8.3-8.amzn2023.0.4.aarch64
gnutls-devel-3.8.3-8.amzn2023.0.4.aarch64
src:
gnutls-3.8.3-8.amzn2023.0.4.src
x86_64:
gnutls-utils-debuginfo-3.8.3-8.amzn2023.0.4.x86_64
gnutls-c++-debuginfo-3.8.3-8.amzn2023.0.4.x86_64
gnutls-debuginfo-3.8.3-8.amzn2023.0.4.x86_64
gnutls-dane-debuginfo-3.8.3-8.amzn2023.0.4.x86_64
gnutls-3.8.3-8.amzn2023.0.4.x86_64
gnutls-dane-3.8.3-8.amzn2023.0.4.x86_64
gnutls-debugsource-3.8.3-8.amzn2023.0.4.x86_64
gnutls-c++-3.8.3-8.amzn2023.0.4.x86_64
gnutls-utils-3.8.3-8.amzn2023.0.4.x86_64
gnutls-devel-3.8.3-8.amzn2023.0.4.x86_64