CVE-2024-28834

2024-03-2100:00:00

ubuntu.com

gnutls

cve-2024-28834

minerva attack

cryptographic vulnerability

deterministic behavior

side-channel leaks

gnutls_privkey_flag_reproducible

nonce size

noticeable step

timing side-channel

debian

unix

5.3 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

5.1 Medium

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

A flaw was found in GnuTLS. The Minerva attack is a cryptographic
vulnerability that exploits deterministic behavior in systems like GnuTLS,
leading to side-channel leaks. In specific scenarios, such as when using
the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable
step in nonce size from 513 to 512 bits, exposing a potential timing
side-channel.

Bugs

Notes

Author	Note
mdeslaur	per Debian, introduced in 3.6.10

OSVersionArchitecturePackageVersionFilename
ubuntu20.04noarchgnutls28< 3.6.13-2ubuntu1.11UNKNOWN
ubuntu22.04noarchgnutls28< 3.7.3-4ubuntu1.5UNKNOWN
ubuntu23.10noarchgnutls28< 3.8.1-4ubuntu1.3UNKNOWN
ubuntu24.04noarchgnutls28< 3.8.3-1.1ubuntu3.1UNKNOWN

OS	Version	Architecture	Package	Version	Filename
ubuntu	20.04	noarch	gnutls28	< 3.6.13-2ubuntu1.11	UNKNOWN
ubuntu	22.04	noarch	gnutls28	< 3.7.3-4ubuntu1.5	UNKNOWN
ubuntu	23.10	noarch	gnutls28	< 3.8.1-4ubuntu1.3	UNKNOWN
ubuntu	24.04	noarch	gnutls28	< 3.8.3-1.1ubuntu3.1	UNKNOWN