A flaw was found in gnutls. The PKCS#7 padding check, performed during decryption, was not constant-time. This timing side-channel could allow a remote attacker to potentially leak sensitive information about the padding bytes through observable timing differences. This vulnerability is a form of information disclosure.
Weakness
Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Red Hat Enterprise Linux 10 | RedHat | gnutls-0:3.8.10-4.el10_2 | * |
| Red Hat Enterprise Linux 10.0 Extended Update Support | RedHat | gnutls-0:3.8.9-9.el10_0.19 | * |
| Red Hat Enterprise Linux 9 | RedHat | gnutls-0:3.8.10-4.el9_8 | * |
| Red Hat Enterprise Linux 9 | RedHat | gnutls-0:3.8.10-4.el9_8 | * |
| Red Hat Update Infrastructure 5 | RedHat | rhui5/cds-rhel9:1781525684 | * |
| Red Hat Update Infrastructure 5 | RedHat | rhui5/haproxy-rhel9:1781525671 | * |
| Red Hat Update Infrastructure 5 | RedHat | rhui5/installer-rhel9:1781525693 | * |
| Red Hat Update Infrastructure 5 | RedHat | rhui5/rhua-rhel9:1781525739 | * |
| Gnutls28 | Ubuntu | devel | * |
| Gnutls28 | Ubuntu | fips-updates/noble | * |
| Gnutls28 | Ubuntu | noble | * |
| Gnutls28 | Ubuntu | questing | * |
| Gnutls28 | Ubuntu | resolute | * |
| Gnutls28 | Ubuntu | upstream | * |
Related Attack Patterns
- https://cwe.mitre.org/data/definitions/462.html
- https://cwe.mitre.org/data/definitions/541.html
- https://cwe.mitre.org/data/definitions/580.html