GSD-2024-28834
Vulnerability from gsd - Updated: 2024-04-02 05:02Details
A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.
Aliases
{
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2024-28834"
],
"details": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel.",
"id": "GSD-2024-28834",
"modified": "2024-04-02T05:02:55.571140Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2024-28834",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.6.16-8.el8_9.3",
"versionType": "rpm"
}
]
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.6.16-8.el8_9.3",
"versionType": "rpm"
}
]
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.6 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.6.16-5.el8_6.4",
"versionType": "rpm"
}
]
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8.8 Extended Update Support",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.6.16-7.el8_8.3",
"versionType": "rpm"
}
]
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 9",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.7.6-23.el9_3.4",
"versionType": "rpm"
}
]
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected",
"versions": [
{
"lessThan": "*",
"status": "unaffected",
"version": "0:3.7.6-23.el9_3.4",
"versionType": "rpm"
}
]
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 6",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unknown"
}
}
]
}
}
]
},
"vendor_name": "Red Hat"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel."
}
]
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-200",
"lang": "eng",
"value": "Exposure of Sensitive Information to an Unauthorized Actor"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://access.redhat.com/errata/RHSA-2024:1784",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2024:1784"
},
{
"name": "https://access.redhat.com/errata/RHSA-2024:1879",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2024:1879"
},
{
"name": "https://access.redhat.com/errata/RHSA-2024:1997",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2024:1997"
},
{
"name": "https://access.redhat.com/errata/RHSA-2024:2044",
"refsource": "MISC",
"url": "https://access.redhat.com/errata/RHSA-2024:2044"
},
{
"name": "https://access.redhat.com/security/cve/CVE-2024-28834",
"refsource": "MISC",
"url": "https://access.redhat.com/security/cve/CVE-2024-28834"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=2269228",
"refsource": "MISC",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269228"
},
{
"name": "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html",
"refsource": "MISC",
"url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html"
},
{
"name": "https://minerva.crocs.fi.muni.cz/",
"refsource": "MISC",
"url": "https://minerva.crocs.fi.muni.cz/"
},
{
"name": "https://people.redhat.com/~hkario/marvin/",
"refsource": "MISC",
"url": "https://people.redhat.com/~hkario/marvin/"
}
]
},
"work_around": [
{
"lang": "en",
"value": "Mitigation for this issue is either not available or the currently available options don\u0027t meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base or stability."
}
]
},
"nvd.nist.gov": {
"cve": {
"descriptions": [
{
"lang": "en",
"value": "A flaw was found in GnuTLS. The Minerva attack is a cryptographic vulnerability that exploits deterministic behavior in systems like GnuTLS, leading to side-channel leaks. In specific scenarios, such as when using the GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE flag, it can result in a noticeable step in nonce size from 513 to 512 bits, exposing a potential timing side-channel."
},
{
"lang": "es",
"value": "Se encontr\u00f3 una falla en GnuTLS. El ataque Minerva es una vulnerabilidad criptogr\u00e1fica que explota el comportamiento determinista en sistemas como GnuTLS, lo que genera filtraciones de canales laterales. En escenarios espec\u00edficos, como cuando se usa el indicador GNUTLS_PRIVKEY_FLAG_REPRODUCIBLE, puede resultar en un paso notable en el tama\u00f1o del nonce de 513 a 512 bits, exponiendo un posible canal lateral de temporizaci\u00f3n."
}
],
"id": "CVE-2024-28834",
"lastModified": "2024-04-25T18:15:07.903",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 1.6,
"impactScore": 3.6,
"source": "secalert@redhat.com",
"type": "Secondary"
}
]
},
"published": "2024-03-21T14:15:07.547",
"references": [
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:1784"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:1879"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:1997"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/errata/RHSA-2024:2044"
},
{
"source": "secalert@redhat.com",
"url": "https://access.redhat.com/security/cve/CVE-2024-28834"
},
{
"source": "secalert@redhat.com",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2269228"
},
{
"source": "secalert@redhat.com",
"url": "https://lists.gnupg.org/pipermail/gnutls-help/2024-March/004845.html"
},
{
"source": "secalert@redhat.com",
"url": "https://minerva.crocs.fi.muni.cz/"
},
{
"source": "secalert@redhat.com",
"url": "https://people.redhat.com/~hkario/marvin/"
}
],
"sourceIdentifier": "secalert@redhat.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "secalert@redhat.com",
"type": "Primary"
}
]
}
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…