Untriaged
CVE-2024-0553
7.5 HIGH
- CVSS version: 3.1
- Attack vector (AV): NETWORK
- Attack complexity (AC): LOW
- Privileges required (PR): NONE
- User interaction (UI): NONE
- Scope (S): UNCHANGED
- Confidentiality impact (C): HIGH
- Integrity impact (I): NONE
- Availability impact (A): NONE
GnuTLS: incomplete fix for CVE-2023-5981
A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.
References
- https://gitlab.com/gnutls/gnutls/-/issues/1522
- http://www.openwall.com/lists/oss-security/2024/01/19/3
- https://security.netapp.com/advisory/ntap-20240202-0011/
Affected products
gnutls
- ==3.8.3
- *
- <3.8.3
odf4/cephcsi-rhel9
- *
odf4/odf-cli-rhel9
- *
odf4/mcg-core-rhel9
- *
odf4/odf-console-rhel9
- *
odf4/mcg-rhel9-operator
- *
odf4/ocs-rhel9-operator
- *
odf4/odf-rhel9-operator
- *
odf4/odr-rhel9-operator
- *
odf4/mcg-operator-bundle
- *
odf4/ocs-operator-bundle
- *
odf4/odf-operator-bundle
- *
odf4/odf-must-gather-rhel9
- *
odf4/odf-cosi-sidecar-rhel9
- *
odf4/odr-hub-operator-bundle
- *
odf4/ocs-client-console-rhel9
- *
odf4/rook-ceph-rhel9-operator
- *
odf4/ocs-client-rhel9-operator
- *
openshift-logging/vector-rhel9
- *
odf4/ocs-client-operator-bundle
- *
odf4/ocs-metrics-exporter-rhel9
- *
openshift-logging/fluentd-rhel9
- *
odf4/odr-cluster-operator-bundle
- *
odf4/odf-csi-addons-sidecar-rhel9
- *
odf4/odf-csi-addons-rhel9-operator
- *
odf4/odf-csi-addons-operator-bundle
- *
odf4/odf-multicluster-console-rhel9
- *
openshift-logging/eventrouter-rhel9
- *
odf4/odf-multicluster-rhel9-operator
- *
openshift-logging/logging-loki-rhel9
- *
odf4/odf-multicluster-operator-bundle
- *
openshift-logging/loki-rhel9-operator
- *
openshift-logging/opa-openshift-rhel9
- *
openshift-logging/elasticsearch6-rhel9
- *
openshift-logging/loki-operator-bundle
- *
openshift-logging/logging-curator5-rhel9
- *
openshift-logging/lokistack-gateway-rhel9
- *
openshift-logging/elasticsearch-proxy-rhel9
- *
openshift-logging/logging-view-plugin-rhel9
- *
openshift-logging/elasticsearch-rhel9-operator
- *
openshift-logging/elasticsearch-operator-bundle
- *
openshift-logging/cluster-logging-rhel9-operator
- *
openshift-logging/log-file-metric-exporter-rhel9
- *
openshift-logging/cluster-logging-operator-bundle
- *
Matching in nixpkgs
pkgs.gnutls
GNU Transport Layer Security Library
pkgs.guile-gnutls
Guile bindings for GnuTLS library
pkgs.python311Packages.python3-gnutls
Python wrapper for the GnuTLS library
- nixos-unstable python3-gnutls-3.1.10
- nixpkgs-unstable python3-gnutls-3.1.10
- nixos-unstable-small python3-gnutls-3.1.10
pkgs.python312Packages.python3-gnutls
Python wrapper for the GnuTLS library
- nixos-unstable python3-gnutls-3.1.10
- nixpkgs-unstable python3-gnutls-3.1.10
- nixos-unstable-small python3-gnutls-3.1.10
pkgs.python313Packages.python3-gnutls
Python wrapper for the GnuTLS library
- nixos-unstable python3-gnutls-3.1.10
- nixpkgs-unstable python3-gnutls-3.1.10
- nixos-unstable-small python3-gnutls-3.1.10
Package maintainers
- @vcunat Vladimír Čunát <v@cunat.cz>
- @foo-dogsquared Gabriel Arazas <foodogsquared@foodogsquared.one>
- @charlieshanley Charlie Hanley <charlieshanley@gmail.com>