Vulnerabilities > CVE-2018-10844

CVSS 5.9 - MEDIUM
Attack vector: NETWORK
Attack complexity: HIGH
Privileges required: NONE
Confidentiality impact: HIGH
Integrity impact: NONE
Availability impact: NONE

Summary

It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets.

Vulnerable Configurations

Part         Description    Count
Application  Gnu            338
OS           Redhat         3
OS           Canonical      4
OS           Fedoraproject  2
OS           Debian         1

Nessus

  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2018-2930-1.NASL
    description: This update for gnutls fixes the following security issues : Improved mitigations against Lucky 13 class of attacks CVE-2018-10846:
    last seen: 2020-03-18
    modified: 2019-01-02
    plugin id: 120112
    published: 2019-01-02
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/120112
    title: SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2018:2930-1)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    # The descriptive text and package checks in this plugin were
    # extracted from SUSE update advisory SUSE-SU-2018:2930-1.
    # The text itself is copyright (C) SUSE.
    #
    
    include("compat.inc");
    
    if (description)
    {
      script_id(120112);
      script_version("1.3");
      script_set_attribute(attribute:"plugin_modification_date", value:"2020/03/16");
    
      script_cve_id("CVE-2017-10790", "CVE-2018-10844", "CVE-2018-10845", "CVE-2018-10846");
    
      script_name(english:"SUSE SLED15 / SLES15 Security Update : gnutls (SUSE-SU-2018:2930-1)");
      script_summary(english:"Checks rpm output for the updated packages.");
    
      script_set_attribute(
        attribute:"synopsis", 
        value:"The remote SUSE host is missing one or more security updates."
      );
      script_set_attribute(
        attribute:"description", 
        value:
    "This update for gnutls fixes the following security issues :
    
    Improved mitigations against Lucky 13 class of attacks
    
    CVE-2018-10846: 'Just in Time' PRIME + PROBE cache-based side channel
    attack can lead to plaintext recovery (bsc#1105460)
    
    CVE-2018-10845: HMAC-SHA-384 vulnerable to Lucky thirteen attack due
    to use of wrong constant (bsc#1105459)
    
    CVE-2018-10844: HMAC-SHA-256 vulnerable to Lucky thirteen attack due
    to not enough dummy function calls (bsc#1105437)
    
    CVE-2017-10790: The _asn1_check_identifier function in Libtasn1 caused
    a NULL pointer dereference and crash (bsc#1047002)
    
    Note that Tenable Network Security has extracted the preceding
    description block directly from the SUSE security advisory. Tenable
    has attempted to automatically clean and format it as much as possible
    without introducing additional issues."
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1047002"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1105437"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1105459"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://bugzilla.suse.com/show_bug.cgi?id=1105460"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2017-10790/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-10844/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-10845/"
      );
      script_set_attribute(
        attribute:"see_also",
        value:"https://www.suse.com/security/cve/CVE-2018-10846/"
      );
      # https://www.suse.com/support/update/announcement/2018/suse-su-20182930-1/
      script_set_attribute(
        attribute:"see_also",
        value:"http://www.nessus.org/u?8828fca1"
      );
      script_set_attribute(
        attribute:"solution", 
        value:
    "To install this SUSE Security Update use the SUSE recommended
    installation methods like YaST online_update or 'zypper patch'.
    
    Alternatively you can run the command listed for your product :
    
    SUSE Linux Enterprise Module for Desktop Applications 15:zypper in -t
    patch SUSE-SLE-Module-Desktop-Applications-15-2018-2070=1
    
    SUSE Linux Enterprise Module for Basesystem 15:zypper in -t patch
    SUSE-SLE-Module-Basesystem-15-2018-2070=1"
      );
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-10845");
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gnutls");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gnutls-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:gnutls-debugsource");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgnutls-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgnutls30");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgnutls30-32bit-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgnutls30-debuginfo");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgnutlsxx-devel");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgnutlsxx28");
      script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:libgnutlsxx28-debuginfo");
      script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:15");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2017/07/02");
      script_set_attribute(attribute:"patch_publication_date", value:"2018/09/28");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/01/02");
      script_set_attribute(attribute:"generated_plugin", value:"current");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_copyright(english:"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
      script_family(english:"SuSE Local Security Checks");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
    
      exit(0);
    }
    
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    release = get_kb_item("Host/SuSE/release");
    if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
    os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
    if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
    os_ver = os_ver[1];
    if (! preg(pattern:"^(SLED15|SLES15)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLED15 / SLES15", "SUSE " + os_ver);
    
    if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
    
    sp = get_kb_item("Host/SuSE/patchlevel");
    if (isnull(sp)) sp = "0";
    if (os_ver == "SLES15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLES15 SP0", os_ver + " SP" + sp);
    if (os_ver == "SLED15" && (! preg(pattern:"^(0)$", string:sp))) audit(AUDIT_OS_NOT, "SLED15 SP0", os_ver + " SP" + sp);
    
    
    flag = 0;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"gnutls-debugsource-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libgnutls30-32bit-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", cpu:"x86_64", reference:"libgnutls30-32bit-debuginfo-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"gnutls-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"gnutls-debuginfo-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"gnutls-debugsource-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libgnutls-devel-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libgnutls30-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libgnutls30-debuginfo-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libgnutlsxx-devel-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libgnutlsxx28-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLES15", sp:"0", reference:"libgnutlsxx28-debuginfo-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"gnutls-debugsource-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libgnutls30-32bit-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", cpu:"x86_64", reference:"libgnutls30-32bit-debuginfo-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"gnutls-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"gnutls-debuginfo-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"gnutls-debugsource-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libgnutls-devel-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libgnutls30-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libgnutls30-debuginfo-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libgnutlsxx-devel-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libgnutlsxx28-3.6.2-6.3.1")) flag++;
    if (rpm_check(release:"SLED15", sp:"0", reference:"libgnutlsxx28-debuginfo-3.6.2-6.3.1")) flag++;
    
    
    if (flag)
    {
      if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
      else security_warning(0);
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gnutls");
    }
    
  • NASL family: NewStart CGSL Local Security Checks
    NASL id: NEWSTART_CGSL_NS-SA-2019-0068_GNUTLS.NASL
    description: The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gnutls packages installed that are affected by multiple vulnerabilities: - It was found that GnuTLS
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 127268
    published: 2019-08-12
    reporter: This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/127268
    title: NewStart CGSL CORE 5.04 / MAIN 5.04 : gnutls Multiple Vulnerabilities (NS-SA-2019-0068)
    code:
    #
    # (C) Tenable Network Security, Inc.
    #
    
    # The descriptive text and package checks in this plugin were
    # extracted from ZTE advisory NS-SA-2019-0068. The text
    # itself is copyright (C) ZTE, Inc.
    
    include("compat.inc");
    
    if (description)
    {
      script_id(127268);
      script_version("1.2");
      script_cvs_date("Date: 2019/10/17 14:31:04");
    
      script_cve_id("CVE-2018-10844", "CVE-2018-10845", "CVE-2018-10846");
    
      script_name(english:"NewStart CGSL CORE 5.04 / MAIN 5.04 : gnutls Multiple Vulnerabilities (NS-SA-2019-0068)");
    
      script_set_attribute(attribute:"synopsis", value:
    "The remote machine is affected by multiple vulnerabilities.");
      script_set_attribute(attribute:"description", value:
    "The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has gnutls packages installed that are affected by
    multiple vulnerabilities:
    
      - It was found that GnuTLS's implementation of HMAC-
        SHA-256 was vulnerable to Lucky Thirteen-style attack. A
        remote attacker could use this flaw to conduct
        distinguishing attacks and plain text recovery attacks
        via statistical analysis of timing data using crafted
        packets. (CVE-2018-10844)
    
      - It was found that GnuTLS's implementation of HMAC-
        SHA-384 was vulnerable to a Lucky Thirteen-style attack.
        A remote attacker could use this flaw to conduct
        distinguishing attacks and plain text recovery attacks
        via statistical analysis of timing data using crafted
        packets. (CVE-2018-10845)
    
      - A cache-based side channel attack was found in the way
        GnuTLS implements CBC-mode cipher suites. An attacker
        could use a combination of Just in Time Prime+probe
        and Lucky-13 attacks to recover plain text in a cross-VM
        attack scenario. (CVE-2018-10846)
    
    Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version
    number.");
      script_set_attribute(attribute:"see_also", value:"http://security.gd-linux.com/notice/NS-SA-2019-0068");
      script_set_attribute(attribute:"solution", value:
    "Upgrade the vulnerable CGSL gnutls packages. Note that updated packages may not be available yet. Please contact ZTE for
    more information.");
      script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N");
      script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
      script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N");
      script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
      script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-10845");
    
      script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
    
      script_set_attribute(attribute:"vuln_publication_date", value:"2018/08/22");
      script_set_attribute(attribute:"patch_publication_date", value:"2019/07/17");
      script_set_attribute(attribute:"plugin_publication_date", value:"2019/08/12");
    
      script_set_attribute(attribute:"plugin_type", value:"local");
      script_end_attributes();
    
      script_category(ACT_GATHER_INFO);
      script_family(english:"NewStart CGSL Local Security Checks");
    
      script_copyright(english:"This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
    
      script_dependencies("ssh_get_info.nasl");
      script_require_keys("Host/local_checks_enabled", "Host/ZTE-CGSL/release", "Host/ZTE-CGSL/rpm-list", "Host/cpu");
    
      exit(0);
    }
    
    include("audit.inc");
    include("global_settings.inc");
    include("rpm.inc");
    
    if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
    
    release = get_kb_item("Host/ZTE-CGSL/release");
    if (isnull(release) || release !~ "^CGSL (MAIN|CORE)") audit(AUDIT_OS_NOT, "NewStart Carrier Grade Server Linux");
    
    if (release !~ "CGSL CORE 5.04" &&
        release !~ "CGSL MAIN 5.04")
      audit(AUDIT_OS_NOT, 'NewStart CGSL CORE 5.04 / NewStart CGSL MAIN 5.04');
    
    if (!get_kb_item("Host/ZTE-CGSL/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
    
    cpu = get_kb_item("Host/cpu");
    if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
    if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "NewStart Carrier Grade Server Linux", cpu);
    
    flag = 0;
    
    pkgs = {
      "CGSL CORE 5.04": [
        "gnutls-3.3.29-9.el7_6",
        "gnutls-c++-3.3.29-9.el7_6",
        "gnutls-dane-3.3.29-9.el7_6",
        "gnutls-debuginfo-3.3.29-9.el7_6",
        "gnutls-devel-3.3.29-9.el7_6",
        "gnutls-utils-3.3.29-9.el7_6"
      ],
      "CGSL MAIN 5.04": [
        "gnutls-3.3.29-9.el7_6",
        "gnutls-c++-3.3.29-9.el7_6",
        "gnutls-dane-3.3.29-9.el7_6",
        "gnutls-debuginfo-3.3.29-9.el7_6",
        "gnutls-devel-3.3.29-9.el7_6",
        "gnutls-utils-3.3.29-9.el7_6"
      ]
    };
    pkg_list = pkgs[release];
    
    foreach (pkg in pkg_list)
      if (rpm_check(release:"ZTE " + release, reference:pkg)) flag++;
    
    if (flag)
    {
      security_report_v4(
        port       : 0,
        severity   : SECURITY_WARNING,
        extra      : rpm_report_get()
      );
      exit(0);
    }
    else
    {
      tested = pkg_tests_get();
      if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
      else audit(AUDIT_PACKAGE_NOT_INSTALLED, "gnutls");
    }
    
  • NASL family: Huawei Local Security Checks
    NASL id: EULEROS_SA-2019-1203.NASL
    description: According to the version of the gnutls packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - It was found that GnuTLS
    last seen: 2020-03-19
    modified: 2019-04-09
    plugin id: 123889
    published: 2019-04-09
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/123889
    title: EulerOS Virtualization 2.5.4 : gnutls (EulerOS-SA-2019-1203)
  • NASL family: Oracle Linux Local Security Checks
    NASL id: ORACLELINUX_ELSA-2018-3050.NASL
    description: From Red Hat Security Advisory 2018:3050 : An update for gnutls is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. The following packages have been upgraded to a later upstream version: gnutls (3.3.29). (BZ#1561481) Security Fix(es) : * gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls (CVE-2018-10844) * gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant (CVE-2018-10845) * gnutls:
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 118764
    published: 2018-11-07
    reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/118764
    title: Oracle Linux 7 : gnutls (ELSA-2018-3050)
  • NASL family: Red Hat Local Security Checks
    NASL id: REDHAT-RHSA-2018-3050.NASL
    description: An update for gnutls is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. The following packages have been upgraded to a later upstream version: gnutls (3.3.29). (BZ#1561481) Security Fix(es) : * gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls (CVE-2018-10844) * gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant (CVE-2018-10845) * gnutls:
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 118516
    published: 2018-10-31
    reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/118516
    title: RHEL 7 : gnutls (RHSA-2018:3050)
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2018-1049.NASL
    description: This update for gnutls fixes the following issues : Security issues fixed : - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846:
    last seen: 2020-06-05
    modified: 2018-09-27
    plugin id: 117792
    published: 2018-09-27
    reporter: This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/117792
    title: openSUSE Security Update : gnutls (openSUSE-2018-1049)
  • NASL family: Huawei Local Security Checks
    NASL id: EULEROS_SA-2018-1444.NASL
    description: According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls (CVE-2018-10844) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-05-06
    modified: 2018-12-28
    plugin id: 119933
    published: 2018-12-28
    reporter: This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/119933
    title: EulerOS 2.0 SP2 : gnutls (EulerOS-SA-2018-1444)
  • NASL family: Scientific Linux Local Security Checks
    NASL id: SL_20181030_GNUTLS_ON_SL7_X.NASL
    description: Security Fix(es) : - gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls (CVE-2018-10844) - gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant (CVE-2018-10845) - gnutls:
    last seen: 2020-03-18
    modified: 2018-11-27
    plugin id: 119184
    published: 2018-11-27
    reporter: This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/119184
    title: Scientific Linux Security Update : gnutls on SL7.x x86_64 (20181030)
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2018-1092.NASL
    description: This update for gnutls fixes the following security issues : - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846:
    last seen: 2020-06-05
    modified: 2018-10-03
    plugin id: 117897
    published: 2018-10-03
    reporter: This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/117897
    title: openSUSE Security Update : gnutls (openSUSE-2018-1092)
  • NASL family: Debian Local Security Checks
    NASL id: DEBIAN_DLA-1560.NASL
    description: A set of vulnerabilities was discovered in GnuTLS which allowed attackers to do plain text recovery on TLS connections with certain cipher types. CVE-2018-10844 It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets. CVE-2018-10845 It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets. CVE-2018-10846 A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 118504
    published: 2018-10-31
    reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/118504
    title: Debian DLA-1560-1 : gnutls28 security update
  • NASL family: Huawei Local Security Checks
    NASL id: EULEROS_SA-2019-1026.NASL
    description: According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls (CVE-2018-10844) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-05-06
    modified: 2019-02-14
    plugin id: 122173
    published: 2019-02-14
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/122173
    title: EulerOS 2.0 SP3 : gnutls (EulerOS-SA-2019-1026)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2018-2825-1.NASL
    description: This update for gnutls fixes the following issues : This update for gnutls fixes the following issues : Security issues fixed : Improved mitigations against Lucky 13 class of attacks
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 117696
    published: 2018-09-25
    reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/117696
    title: SUSE SLES12 Security Update : gnutls (SUSE-SU-2018:2825-1)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2018-2825-2.NASL
    description: This update for gnutls fixes the following issues : This update for gnutls fixes the following issues : Security issues fixed : Improved mitigations against Lucky 13 class of attacks
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 118292
    published: 2018-10-22
    reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/118292
    title: SUSE SLES12 Security Update : gnutls (SUSE-SU-2018:2825-2)
  • NASL family: Fedora Local Security Checks
    NASL id: FEDORA_2020-D14280A6E8.NASL
    description: https://lists.gnupg.org/pipermail/gnutls-help/2020-March/004642.html Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-05-15
    modified: 2020-05-08
    plugin id: 136416
    published: 2020-05-08
    reporter: This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/136416
    title: Fedora 31 : mingw-gnutls (2020-d14280a6e8)
  • NASL family: SuSE Local Security Checks
    NASL id: SUSE_SU-2018-2842-1.NASL
    description: This update for gnutls fixes the following issues : Security issues fixed : Improved mitigations against Lucky 13 class of attacks -
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 117702
    published: 2018-09-25
    reporter: This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/117702
    title: SUSE SLED12 / SLES12 Security Update : gnutls (SUSE-SU-2018:2842-1)
  • NASL family: SuSE Local Security Checks
    NASL id: OPENSUSE-2019-746.NASL
    description: This update for gnutls fixes the following security issues : - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846:
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 123319
    published: 2019-03-27
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/123319
    title: openSUSE Security Update : gnutls (openSUSE-2019-746)
  • NASL family: Ubuntu Local Security Checks
    NASL id: UBUNTU_USN-3999-1.NASL
    description: Eyal Ronen, Kenneth G. Paterson, and Adi Shamir discovered that GnuTLS was vulnerable to a timing side-channel attack known as the
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 125622
    published: 2019-05-31
    reporter: Ubuntu Security Notice (C) 2019-2020 Canonical, Inc. / NASL script (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/125622
    title: Ubuntu 16.04 LTS / 18.04 LTS / 18.10 / 19.04 : gnutls28 vulnerabilities (USN-3999-1)
  • NASL family: Huawei Local Security Checks
    NASL id: EULEROS_SA-2019-1005.NASL
    description: According to the version of the gnutls packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls (CVE-2018-10844) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-05-06
    modified: 2019-01-08
    plugin id: 120993
    published: 2019-01-08
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/120993
    title: EulerOS 2.0 SP5 : gnutls (EulerOS-SA-2019-1005)
  • NASL family: Amazon Linux Local Security Checks
    NASL id: AL2_ALAS-2018-1120.NASL
    description: It was found that GnuTLS
    last seen: 2020-05-19
    modified: 2018-12-10
    plugin id: 119503
    published: 2018-12-10
    reporter: This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/119503
    title: Amazon Linux 2 : gnutls (ALAS-2018-1120)
  • NASL family: Huawei Local Security Checks
    NASL id: EULEROS_SA-2019-1388.NASL
    description: According to the versions of the gnutls packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets.(CVE-2018-10845) - It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets.(CVE-2018-10844) - A flaw was found in the way TLS 1.2 could use the MD5 hash function for signing ServerKeyExchange and Client Authentication packets during a TLS handshake. A man-in-the-middle attacker able to force a TLS connection to use the MD5 hash function could use this flaw to conduct collision attacks to impersonate a TLS server or an authenticated TLS client.(CVE-2015-7575) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen: 2020-06-01
    modified: 2020-06-02
    plugin id: 124891
    published: 2019-05-14
    reporter: This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/124891
    title: EulerOS Virtualization for ARM 64 3.0.1.0 : gnutls (EulerOS-SA-2019-1388)
  • NASL family: CentOS Local Security Checks
    NASL id: CENTOS_RHSA-2018-3050.NASL
    description: An update for gnutls is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. The following packages have been upgraded to a later upstream version: gnutls (3.3.29). (BZ#1561481) Security Fix(es) : * gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls (CVE-2018-10844) * gnutls: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant (CVE-2018-10845) * gnutls:
    last seen: 2020-03-28
    modified: 2018-12-17
    plugin id: 119690
    published: 2018-12-17
    reporter: This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    source: https://www.tenable.com/plugins/nessus/119690
    title: CentOS 7 : gnutls (CESA-2018:3050)

Redhat

advisories
  • rhsa
    id: RHSA-2018:3050
  • rhsa
    id: RHSA-2018:3505
rpms
  • gnutls-0:3.3.29-8.el7
  • gnutls-c++-0:3.3.29-8.el7
  • gnutls-dane-0:3.3.29-8.el7
  • gnutls-debuginfo-0:3.3.29-8.el7
  • gnutls-devel-0:3.3.29-8.el7
  • gnutls-utils-0:3.3.29-8.el7