CVE-2018-16868

low-risk
Published 2018-12-03

A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade any TLS connections to a vulnerable server.

Do I need to act?

-
0.04% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.6/10 Medium
PHYSICAL / HIGH complexity

Affected Products (1)

Affected Vendors

Gnu

References (10)

Technical Description http://cat.eyalro.net/
Broken Link http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00017.html
Broken Link http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00068.html
Third Party Advisory http://www.securityfocus.com/bid/106080
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16868
Technical Description http://cat.eyalro.net/
Broken Link http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00017.html
Broken Link http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00068.html
Third Party Advisory http://www.securityfocus.com/bid/106080
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-16868
20
/ 100
low-risk
Severity 15/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal