Bugzilla – Bug 1118087
VUL-0: CVE-2018-16868: gnutls: Bleichenbacher-like side channel leakage in PKCS#1 v1.5 verification and padding oracle verification
Last modified: 2024-04-08 13:50:58 UTC
rh#1654929 GnuTLS is vulnerable to Bleichenbacher-like side channel leakage in PKCS#1 1.5 verificati on and padding oracle verification. References: https://bugzilla.redhat.com/show_bug.cgi?id=1654929 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-16868 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-16868
see bug 1117951
Fixed in the recent GnuTLS 3.6.5: https://lists.gnupg.org/pipermail/gnutls-help/2018-December/004465.html
The fix for CVE-2018-16868 fundamentally depends on a new rsa_sec_decrypt() function introduced in the latest nettle release (3.4.1). The function was backported to SLE-15 in https://build.suse.de/request/show/180032. It's however not available on older distributions.
Fixing this requires libnettle 3.4.1 which is only available on SLE-15. libnettle 3.4.1 introduced secure rsa_sec_decrypt() and hardened the other RSA functions to be side-channel resistant. Any older libnettle will still leak information about the secret data via its timing and memory access patterns.
SUSE-SU-2019:1121-1: An update that fixes three vulnerabilities is now available. Category: security (important) Bug References: 1118087,1130681,1130682 CVE References: CVE-2018-16868,CVE-2019-3829,CVE-2019-3836 Sources used: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): gnutls-3.6.7-6.8.1 SUSE Linux Enterprise Module for Desktop Applications 15 (src): gnutls-3.6.7-6.8.1 SUSE Linux Enterprise Module for Basesystem 15 (src): gnutls-3.6.7-6.8.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2019:1353-1: An update that fixes three vulnerabilities is now available. Category: security (important) Bug References: 1118087,1130681,1130682 CVE References: CVE-2018-16868,CVE-2019-3829,CVE-2019-3836 Sources used: openSUSE Leap 15.0 (src): gnutls-3.6.7-lp150.9.1
SUSE-SU-2019:1351-1: An update that solves one vulnerability and has one errata is now available. Category: security (important) Bug References: 1118087,1134856 CVE References: CVE-2018-16868 Sources used: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 (src): gnutls-3.6.7-6.11.1 SUSE Linux Enterprise Module for Desktop Applications 15 (src): gnutls-3.6.7-6.11.1 SUSE Linux Enterprise Module for Basesystem 15 (src): gnutls-3.6.7-6.11.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
openSUSE-SU-2019:1477-1: An update that solves one vulnerability and has one errata is now available. Category: security (important) Bug References: 1118087,1134856 CVE References: CVE-2018-16868 Sources used: openSUSE Leap 15.1 (src): gnutls-3.6.7-lp151.2.3.1 openSUSE Leap 15.0 (src): gnutls-3.6.7-lp150.12.1
SUSE-SU-2019:1351-2: An update that solves one vulnerability and has one errata is now available. Category: security (important) Bug References: 1118087,1134856 CVE References: CVE-2018-16868 Sources used: SUSE Linux Enterprise Module for Open Buildservice Development Tools 15-SP1 (src): gnutls-3.6.7-6.11.1 SUSE Linux Enterprise Module for Basesystem 15-SP1 (src): gnutls-3.6.7-6.11.1 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.
We're not currently planning to fix this vulnerability on SLE-12 and older distributions. The gnutls fix requires new functionality in libnettle (see comment 7), which is however hard to backport to SLE-12 (bug 1118086 comment 13).