A Bleichenbacher type side-channel based padding oracle attack was found in the way gnutls handles verification of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run process on the same physical core as the victim process, could use this to extract plaintext or in some cases downgrade any TLS connections to a vulnerable server.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: redhat
Published: 2018-12-03T14:00:00
Updated: 2024-08-05T10:32:54.146Z
Reserved: 2018-09-11T00:00:00
Link: CVE-2018-16868
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-12-03T14:29:00.333
Modified: 2024-11-21T03:53:29.250
Link: CVE-2018-16868
Redhat