AlmaLinux 8 : gnutls (ALSA-2023:1569)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:1569 advisory. - A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypte...

Moderate: Red Hat Security Advisory: gnutls security and bug fix update

An update for gnutls is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

gnutls: timing side-channel in the TLS RSA key exchange code

A timing side-channel vulnerability was found in RSA ClientKeyExchange messages in GnuTLS. This side-channel may be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, the attacker would need to send ...

gnutls security and bug fix update

3.6.16-6 - Fix x8664 CPU feature detection when AVX is not available 2131152 - Fix timing side-channel in TLS RSA key exchange 2162598...

Oracle Linux 8 : gnutls (ELSA-2023-1569)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-1569 advisory. 3.6.16-6 - Fix x8664 CPU feature detection when AVX is not available 2131152 - Fix timing side-channel in TLS RSA key exchange 2162598 Tenable has extracted the...

RHEL 8 : gnutls (RHSA-2023:1569)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2023:1569 advisory. The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS...

Moderate: gnutls security and bug fix update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: timing side-channel in the TLS RSA key exchange code CVE-2023-0361 For more details about the security issues,...

ALSA-2023:1569 Moderate: gnutls security and bug fix update

The gnutls packages provide the GNU Transport Layer Security GnuTLS library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS. Security Fixes: gnutls: timing side-channel in the TLS RSA key exchange code CVE-2023-0361 For more details about the security issues,...

Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GnuTLS (CVE-2022-2509)

Summary Security Bulletin: IBM Watson Speech Services Cartridge for IBM Cloud Pak for Data is vulnerable to a denial of service in GnuTLS caused by a double free flaw during the verification of pkcs7 signatures in gnutlspkcs7verify function. CVE-2022-2509. GnuTLS is included as part of the Base O...

CVE-2023-0361 affecting package gnutls for versions less than 3.7.7-2

CVE-2023-0361 affecting package gnutls for versions less than 3.7.7-2. A patched version of the package is available...

USN-5901-1: GnuTLS vulnerability | Cloud Foundry

Severity Medium Vendor Canonical Ubuntu Versions Affected Canonical Ubuntu 22.04 Description Hubert Kario discovered that GnuTLS had a timing side-channel when handling certain RSA messages. A remote attacker could possibly use this issue to recover sensitive information. Update Instructions: Run...

Amazon Linux 2023 : libnetapi, libnetapi-devel, libsmbclient (ALAS2023-2023-032)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-032 advisory. 2024-02-15: CVE-2016-2124 was added to this advisory. 2024-02-15: CVE-2021-44141 was added to this advisory. 2024-02-15: CVE-2021-20316 was added to this advisory. 2024-02-15: CVE-2020-17049 wa...

Fedora: Security Advisory for gnutls (FEDORA-2023-4fc4c33f2b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for guile-gnutls (FEDORA-2023-4fc4c33f2b)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: guile-gnutls-3.7.11-1.fc36

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, OpenPGP and...

[SECURITY] Fedora 36 Update: gnutls-3.8.0-2.fc36

GnuTLS is a secure communications library implementing the SSL, TLS and DTLS protocols and technologies around them. It provides a simple C language application programming interface API to access the secure communications protocols as well as APIs to parse and write X.509, PKCS 12, OpenPGP and...

Fedora 36 : gnutls / guile-gnutls (2023-4fc4c33f2b)

The remote Fedora 36 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2023-4fc4c33f2b advisory. Release of gnutls 3.8.0 fixes CVE-2023-0361 Release of gnutls guile bingings as standalone package. Tenable has extracted the preceding description block...

CVE-2023-0361 affecting package gnutls 3.6.14-8

CVE-2023-0361 affecting package gnutls 3.6.14-8. A patched version of the package is available...

Moderate: Red Hat Security Advisory: gnutls security and bug fix update

An update for gnutls is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

gnutls: timing side-channel in the TLS RSA key exchange code

A timing side-channel vulnerability was found in RSA ClientKeyExchange messages in GnuTLS. This side-channel may be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, the attacker would need to send ...