Security update for gnutls SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:2958-1 Final 1 1 2018-10-01T06:07:40Z current 2018-10-01T06:07:40Z 2018-10-01T06:07:40Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for gnutls This update for gnutls fixes the following security issues: - Improved mitigations against Lucky 13 class of attacks - CVE-2018-10846: "Just in Time" PRIME + PROBE cache-based side channel attack can lead to plaintext recovery (bsc#1105460) - CVE-2018-10845: HMAC-SHA-384 vulnerable to Lucky thirteen attack due to use of wrong constant (bsc#1105459) - CVE-2018-10844: HMAC-SHA-256 vulnerable to Lucky thirteen attack due to not enough dummy function calls (bsc#1105437) - CVE-2017-10790: The _asn1_check_identifier function in Libtasn1 caused a NULL pointer dereference and crash (bsc#1047002) This update was imported from the SUSE:SLE-15:Update update project. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00000.html E-Mail link for openSUSE-SU-2018:2958-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings openSUSE Leap 15.0 gnutls-3.6.2-lp150.4.3.1 gnutls-guile-3.6.2-lp150.4.3.1 libgnutls-dane-devel-3.6.2-lp150.4.3.1 libgnutls-dane0-3.6.2-lp150.4.3.1 libgnutls-devel-3.6.2-lp150.4.3.1 libgnutls-devel-32bit-3.6.2-lp150.4.3.1 libgnutls30-3.6.2-lp150.4.3.1 libgnutls30-32bit-3.6.2-lp150.4.3.1 libgnutlsxx-devel-3.6.2-lp150.4.3.1 libgnutlsxx28-3.6.2-lp150.4.3.1 gnutls-3.6.2-lp150.4.3.1 as a component of openSUSE Leap 15.0 gnutls-guile-3.6.2-lp150.4.3.1 as a component of openSUSE Leap 15.0 libgnutls-dane-devel-3.6.2-lp150.4.3.1 as a component of openSUSE Leap 15.0 libgnutls-dane0-3.6.2-lp150.4.3.1 as a component of openSUSE Leap 15.0 libgnutls-devel-3.6.2-lp150.4.3.1 as a component of openSUSE Leap 15.0 libgnutls-devel-32bit-3.6.2-lp150.4.3.1 as a component of openSUSE Leap 15.0 libgnutls30-3.6.2-lp150.4.3.1 as a component of openSUSE Leap 15.0 libgnutls30-32bit-3.6.2-lp150.4.3.1 as a component of openSUSE Leap 15.0 libgnutlsxx-devel-3.6.2-lp150.4.3.1 as a component of openSUSE Leap 15.0 libgnutlsxx28-3.6.2-lp150.4.3.1 as a component of openSUSE Leap 15.0 The _asn1_check_identifier function in GNU Libtasn1 through 4.12 causes a NULL pointer dereference and crash when reading crafted input that triggers assignment of a NULL value within an asn1_node structure. It may lead to a remote denial of service attack. CVE-2017-10790 openSUSE Leap 15.0:gnutls-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:gnutls-guile-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-dane-devel-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-dane0-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-devel-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-devel-32bit-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls30-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls30-32bit-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutlsxx-devel-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutlsxx28-3.6.2-lp150.4.3.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00000.html https://www.suse.com/security/cve/CVE-2017-10790.html CVE-2017-10790 https://bugzilla.suse.com/1047002 SUSE Bug 1047002 https://bugzilla.suse.com/1047453 SUSE Bug 1047453 It was found that the GnuTLS implementation of HMAC-SHA-256 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plaintext-recovery attacks via statistical analysis of timing data using crafted packets. CVE-2018-10844 openSUSE Leap 15.0:gnutls-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:gnutls-guile-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-dane-devel-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-dane0-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-devel-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-devel-32bit-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls30-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls30-32bit-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutlsxx-devel-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutlsxx28-3.6.2-lp150.4.3.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00000.html https://www.suse.com/security/cve/CVE-2018-10844.html CVE-2018-10844 https://bugzilla.suse.com/1105437 SUSE Bug 1105437 https://bugzilla.suse.com/1105459 SUSE Bug 1105459 It was found that the GnuTLS implementation of HMAC-SHA-384 was vulnerable to a Lucky thirteen style attack. Remote attackers could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets. CVE-2018-10845 openSUSE Leap 15.0:gnutls-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:gnutls-guile-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-dane-devel-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-dane0-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-devel-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-devel-32bit-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls30-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls30-32bit-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutlsxx-devel-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutlsxx28-3.6.2-lp150.4.3.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00000.html https://www.suse.com/security/cve/CVE-2018-10845.html CVE-2018-10845 https://bugzilla.suse.com/1105437 SUSE Bug 1105437 https://bugzilla.suse.com/1105459 SUSE Bug 1105459 A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets. CVE-2018-10846 openSUSE Leap 15.0:gnutls-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:gnutls-guile-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-dane-devel-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-dane0-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-devel-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls-devel-32bit-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls30-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutls30-32bit-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutlsxx-devel-3.6.2-lp150.4.3.1 openSUSE Leap 15.0:libgnutlsxx28-3.6.2-lp150.4.3.1 moderate Please Install the update. http://lists.opensuse.org/opensuse-security-announce/2018-10/msg00000.html https://www.suse.com/security/cve/CVE-2018-10846.html CVE-2018-10846 https://bugzilla.suse.com/1105460 SUSE Bug 1105460