Bugzilla – Bug 1105437
VUL-0: CVE-2018-10844: gnutls: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls
Last modified: 2024-04-08 13:50:39 UTC
rh#1582571 It was found that GnuTLS implementation of HMAC-SHA-256 was vulnerable to Lucky thirteen style attack due to the fact that not enough dummy compression function calls are added to cater for every situation. References: https://bugzilla.redhat.com/show_bug.cgi?id=1582571 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-10844
paper https://eprint.iacr.org/2018/747
SUSE-SU-2018:2825-1: An update that fixes four vulnerabilities is now available. Category: security (moderate) Bug References: 1047002,1105437,1105459,1105460 CVE References: CVE-2017-10790,CVE-2018-10844,CVE-2018-10845,CVE-2018-10846 Sources used: SUSE OpenStack Cloud 7 (src): gnutls-3.2.15-18.6.1 SUSE Linux Enterprise Server for SAP 12-SP2 (src): gnutls-3.2.15-18.6.1 SUSE Linux Enterprise Server for SAP 12-SP1 (src): gnutls-3.2.15-18.6.1 SUSE Linux Enterprise Server 12-SP2-LTSS (src): gnutls-3.2.15-18.6.1 SUSE Linux Enterprise Server 12-SP1-LTSS (src): gnutls-3.2.15-18.6.1 SUSE Linux Enterprise Server 12-LTSS (src): gnutls-3.2.15-18.6.1 SUSE Enterprise Storage 4 (src): gnutls-3.2.15-18.6.1
SUSE-SU-2018:2842-1: An update that fixes four vulnerabilities is now available. Category: security (moderate) Bug References: 1047002,1105437,1105459,1105460 CVE References: CVE-2017-10790,CVE-2018-10844,CVE-2018-10845,CVE-2018-10846 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP3 (src): gnutls-3.3.27-3.3.1 SUSE Linux Enterprise Server 12-SP3 (src): gnutls-3.3.27-3.3.1 SUSE Linux Enterprise Desktop 12-SP3 (src): gnutls-3.3.27-3.3.1
openSUSE-SU-2018:2854-1: An update that fixes four vulnerabilities is now available. Category: security (moderate) Bug References: 1047002,1105437,1105459,1105460 CVE References: CVE-2017-10790,CVE-2018-10844,CVE-2018-10845,CVE-2018-10846 Sources used: openSUSE Leap 42.3 (src): gnutls-3.3.27-2.3.1
SUSE-SU-2018:2930-1: An update that fixes four vulnerabilities is now available. Category: security (moderate) Bug References: 1047002,1105437,1105459,1105460 CVE References: CVE-2017-10790,CVE-2018-10844,CVE-2018-10845,CVE-2018-10846 Sources used: SUSE Linux Enterprise Module for Desktop Applications 15 (src): gnutls-3.6.2-6.3.1 SUSE Linux Enterprise Module for Basesystem 15 (src): gnutls-3.6.2-6.3.1
openSUSE-SU-2018:2958-1: An update that fixes four vulnerabilities is now available. Category: security (moderate) Bug References: 1047002,1105437,1105459,1105460 CVE References: CVE-2017-10790,CVE-2018-10844,CVE-2018-10845,CVE-2018-10846 Sources used: openSUSE Leap 15.0 (src): gnutls-3.6.2-lp150.4.3.1
released
After a closer look, neither SLE-11 nor SLE-10 are vulnerable to this type of lucky-13 attack. SLE-11's gnutls 2.4.1 supports TLS up to version 1.1 and it doesn't accept negotiating SHA-2 cipher suites. That rules out bugs CVE-2018-10844 and CVE-2018-10845 which both require SHA256/SHA384 HMACs. SLE-10 has gnutls 1.2.10 which doesn't implement SHA-2 at all.
done
SUSE-SU-2018:2825-2: An update that fixes four vulnerabilities is now available. Category: security (moderate) Bug References: 1047002,1105437,1105459,1105460 CVE References: CVE-2017-10790,CVE-2018-10844,CVE-2018-10845,CVE-2018-10846 Sources used: SUSE Linux Enterprise Server 12-SP2-BCL (src): gnutls-3.2.15-18.6.1