SB2019053002 - Ubuntu update for GnuTLS

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2019053002

SB2019053002 - Ubuntu update for GnuTLS

Published: May 30, 2019

Security Bulletin ID SB2019053002
Severity
High
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

High 20% Medium 20% Low 60%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2018-10844)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to usage of an insecure implementation of HMAC-SHA-256 algorithm vulnerable to a Lucky thirteen style attack. A remote attacker with ability to intercept traffic can recover encrypted data.


2) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2018-10845)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to usage of an insecure implementation of HMAC-SHA-384 algorithm vulnerable to a Lucky thirteen style attack. A remote attacker with ability to intercept traffic can recover encrypted data.


3) Cryptographic issues (CVE-ID: CVE-2018-10846)

The vulnerability allows a remote attacker to gain access to potentially sensitive information.

The vulnerability exists due to a cache-based side channel in GnuTLS implementation that can lead to recovery of data in cross-VM attack setting. A remote attacker with ability to intercept traffic can recover encrypted data using a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack.


4) Double free (CVE-ID: CVE-2019-3829)

The vulnerability allows a remote attacker to execute arbitrary code on the target system.

The vulnerability exists due to a double free error in the certificate verification API when processing X.509  crtificates. A remote attacker can supply a specially crafted X.509  certificate, trigger double free error and execute arbitrary code on the target system.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.


5) Buffer overflow (CVE-ID: CVE-2019-3836)

The vulnerability allows a remote attacker to perform denial of service attack.

The vulnerability exists due to uninitialized pointer access when processing TLS1.3 asynchronous messages. A remote attacker can pass specially crafted asynchronous post-handshake message, trigger memory corruption and perform denial of service attack.


Remediation

Install update from vendor's website.

References