[Debian]: CVE: CVE-2023-0361: gnutls: be able to decrypt the application data exchanged over that connection

Bug #2020724 reported by Yue Tao
Affects: StarlingX
Status: Fix Released
Importance: High
Assigned to: Unassigned
Milestone: (none)

Bug Description

CVE-2023-0361: https://nvd.nist.gov/vuln/detail/CVE-2023-0361

Base Score: High

A timing side-channel in the handling of RSA ClientKeyExchange messages was discovered in GnuTLS. This side-channel can be sufficient to recover the key encrypted in the RSA ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption the attacker would need to send a large amount of specially crafted messages to the vulnerable server. By recovering the secret from the ClientKeyExchange message, the attacker would be able to decrypt the application data exchanged over that connection.

Reference:

https://www.debian.org/security/2023/dsa-5349

['libgnutls28-dev_3.7.1-5_amd64.deb===>libgnutls28-dev_3.7.1-5+deb11u3_amd64.deb', 'libgnutls30_3.7.1-5_amd64.deb===>libgnutls30_3.7.1-5+deb11u3_amd64.deb']


Yue Tao (wrytao)
Changed in starlingx:
importance: Undecided → Critical
importance: Critical → High
status: New → Triaged
tags: added: stx.9.0 stx.security
OpenStack Infra (hudson-openstack) wrote : Fix proposed to tools (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/tools/+/884799

Changed in starlingx:
status: Triaged → In Progress
OpenStack Infra (hudson-openstack) wrote : Fix merged to tools (master)

Reviewed: https://review.opendev.org/c/starlingx/tools/+/884799
Committed: https://opendev.org/starlingx/tools/commit/5568a7b51a2ac0f6a4b47db02decb791e4288afb
Submitter: "Zuul (22348)"
Branch: master

commit 5568a7b51a2ac0f6a4b47db02decb791e4288afb
Author: Haiqing Bai <email address hidden>
Date: Tue May 30 23:06:08 2023 +0800

    gnutls: fix CVE-2023-0361

    Upgrade:
    libgnutls28-dev to 3.7.1-5+deb11u3
    libgnutls30 to 3.7.1-5+deb11u3
    Added for build dependency:
    libgnutls-dane0 3.7.1-5+deb11u3
    libgnutls-openssl27 3.7.1-5+deb11u3
    libgnutlsxx28 3.7.1-5+deb11u3

    Refer to:
    https://security-tracker.debian.org/tracker/CVE-2023-0361

    Test Plan:
    Pass: downloader -b
    Pass: build-pkgs --clean
    Pass: build-image
    Pass: Jenkins Installation
    PASS: dpkg -l | grep libgnutls30
          ii libgnutls30:amd64 3.7.1-5+deb11u3

    Closes-Bug: 2020724

    Change-Id: If0a6aced49b6ab343e3231bec47155613aefdf72
    Signed-off-by: Haiqing Bai <email address hidden>

Changed in starlingx:
status: In Progress → Fix Released
This report contains Public Security information  
Everyone can see this security related information.
