Bug 2439178 (CVE-2026-26014)

Summary: CVE-2026-26014 github.com/pion/dtls: Pion DTLS uses random nonce generation with AES GCM ciphers risks leaking the authentication key
Product: [Other] Security Response Reporter: OSIDB Bzimport <bzimport>
Component: vulnerabilityAssignee: Product Security DevOps Team <prodsec-dev>
Status: NEW --- QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedKeywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: ---
Doc Text:
A vulnerability has been identified in the Pion DTLS implementation where the use of random nonce generation with AES-GCM ciphers does not adhere to recommended cryptographic practices. Under certain conditions, this may allow remote attackers to more easily derive or reuse encryption authentication keys, potentially leading to spoofed or compromised DTLS sessions during communication.
 Story Points: ---
Clone Of: Environment:
Last Closed: Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description OSIDB Bzimport 2026-02-11 22:01:13 UTC 
Pion DTLS is a Go implementation of Datagram Transport Layer Security. Pion DTLS versions v1.0.0 through v3.1.0 use random nonce generation with AES GCM ciphers, which makes it easier for remote attackers to obtain the authentication key and spoof data by leveraging the reuse of a nonce in a session and a "forbidden attack". Upgrade to v3.1.0 or later.