CVE-2023-5981

Updated: 2024-02-08 23:17:33.286173

Description:

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.


Links NIST CIRCL RHEL Ubuntu

Severity

Severity Score
CVSS Version 2.x 0
CVSS Version 3.x MEDIUM 5.9

Status

OS name Project name Version Score Severity Status Errata Last updated
AlmaLinux 9.2 ESU gnutls 3.7.6 5.9 MEDIUM Released CLSA-2024:1708029809 2024-02-15 16:09:02
CentOS 6 ELS gnutls 2.12.23 5.9 MEDIUM Not Vulnerable 2024-02-05 13:09:20
CentOS 7 ELS gnutls 3.3.29 5.9 MEDIUM In Testing 2024-02-05 13:09:19
CentOS 8.4 ELS gnutls 3.6.14 5.9 MEDIUM Released CLSA-2024:1708029216 2024-02-15 16:08:49
CentOS 8.5 ELS gnutls 3.6.16 5.9 MEDIUM Released CLSA-2024:1708029490 2024-02-15 16:08:48
CloudLinux 6 ELS gnutls 2.12.23 5.9 MEDIUM Not Vulnerable 2024-02-05 13:09:20
Oracle Linux 6 ELS gnutls 2.12.23 5.9 MEDIUM Not Vulnerable 2024-02-05 13:09:19
Ubuntu 18.04 ELS gnutls28 3.5.18 5.9 MEDIUM Released CLSA-2024:1707419801 2024-02-08 16:10:01