#VU83316 Information Exposure Through Timing Discrepancy in GnuTLS


Published: 2023-11-20

Vulnerability identifier: #VU83316

Vulnerability risk: Medium

CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2023-5981

CWE-ID: CWE-208

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
GnuTLS
Universal components / Libraries / Libraries used by multiple products

Vendor: GnuTLS

Description

The vulnerability allows a remote attacker to perform timing attack.

The vulnerability exists due to the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding. A remote attacker can perform timing sidechannel attack in RSA-PSK key exchange.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

GnuTLS: 3.8.0 - 3.8.1

External links
http://gitlab.com/gnutls/gnutls/-/issues/1511
http://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23
http://lists.gnupg.org/pipermail/gnutls-help/2023-November/004837.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in Dell Networking OS10
Multiple vulnerabilities in Red Hat Service Interconnect 1.5
Multiple vulnerabilities in OpenShift API for Data Protection (OADP) 1.3
Multiple vulnerabilities in Juniper Networks Junos cRPD
Multiple vulnerabilities in Juniper Cloud Native Router
Multiple vulnerabilities in Custom Metrics Autoscaler Operator for Red Hat OpenShift
SUSE update for gnutls
Multiple vulnerabilities in Logging Subsystem 5.8 for Red Hat OpenShift for RHEL 9
Multiple vulnerabilities in Red Hat OpenShift Builds
Multiple vulnerabilities in Red Hat OpenShift Container Platform 4.12