CVE-2023-0361

15.02.2023, 18:15

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.4 HIGH	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
redhat	CNA	---				---
CVE	ADP	---				---
CISA-ADP	ADP	7.4 HIGH	NETWORK	HIGH	NONE	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

Base Score

CVSS 3.x

EPSS Score

Percentile: 85%

Vendor	Product	Version
gnu	gnutls	3.6.8-11.el8_2
redhat	enterprise_linux	8.0
redhat	enterprise_linux	9.0
debian	debian_linux	10.0
netapp	active_iq_unified_manager	-
netapp	converged_systems_advisor_agent	-
netapp	ontap_select_deploy_administration_utility	-

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

gnutls28

bullseye	3.7.1-5+deb11u5 fixed
bullseye (security)	3.7.1-5+deb11u6 fixed
bookworm	3.7.9-2+deb12u3 fixed
sid	3.8.8-2 fixed
trixie	3.8.8-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

gnutls28

lunar	Fixed 3.7.8-5ubuntu1 released
kinetic	Fixed 3.7.7-2ubuntu2.1 released
jammy	Fixed 3.7.3-4ubuntu1.2 released
focal	Fixed 3.6.13-2ubuntu1.8 released
bionic	ignored
xenial	ignored
trusty	ignored