vulnerability

Oracle Linux: CVE-2018-10845: ELSA-2018-3050: gnutls security, bug fix, and enhancement update (MODERATE) (Multiple Advisories)

Severity
5
CVSS
(AV:N/AC:H/Au:N/C:C/I:N/A:N)
Published
Aug 21, 2018
Added
Nov 6, 2018
Modified
Nov 29, 2024

Description

It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets.
It was found that GnuTLS's implementation of HMAC-SHA-384 was vulnerable to a Lucky Thirteen-style attack. A remote attacker could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets.

Solution(s)

oracle-linux-upgrade-gnutlsoracle-linux-upgrade-gnutls-coracle-linux-upgrade-gnutls-daneoracle-linux-upgrade-gnutls-develoracle-linux-upgrade-gnutls-utils
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.