gnutls-3.7.6-23.el9_3.3
Errata ID: AXSA:2024-7484:02
Release date:
2024/01/30 Tuesday - 18:25
Title:
gnutls-3.7.6-23.el9_3.3
Affected channels:
MIRACLE LINUX 9 for x86_64
Severity:
Moderate
Description:
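The following items have been addressed.
[Security Fix]
- GnuTLS has an issue where the response time to ciphertexts in
RSA-PSK ClientKeyExchange differs from the response time to
ciphertexts with correct PKCS#1 v1.5 padding. This vulnerability
allows a remote attacker to cause information disclosure via
crafted RSA-PSK ClientKeyExchange ciphertexts. (CVE-2023-5981)
- GnuTLS has an issue where the response time to ciphertexts in
RSA-PSK ClientKeyExchange differs from the response time to
ciphertexts with correct PKCS#1 v1.5 padding. This vulnerability
allows a remote attacker to cause information disclosure via
crafted RSA-PSK ClientKeyExchange ciphertexts. (CVE-2024-0553)
- GnuTLS has an issue where a valid certificate chain is wrongly
rejected when cockpit-certificate-ensure validates the certificate
chain. This vulnerability allows a remote attacker to cause a
denial of service via an unauthenticated client.
(CVE-2024-0567)
Solution:
Update the packages.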
CVE:
CVE-2023-5981
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.
CVE-2024-0553
A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from the response times of ciphertexts with correct PKCS#1 v1.5 padding. This issue may allow a remote attacker to perform a timing side-channel attack in the RSA-PSK key exchange, potentially leading to the leakage of sensitive data. CVE-2024-0553 is designated as an incomplete resolution for CVE-2023-5981.
CVE-2024-0567
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.
Additional information:
N/A
Download:
SRPMS
- gnutls-3.7.6-23.el9_3.3.src.rpm
MD5: 726daee44e4756ba1c001f6329701bda
SHA-256: 7c4b9513db3444243d19e25b560b9f4464eb2263a73bbe2b108638962bfd1283
Size: 8.13 MB
Asianux Server 9 for x86_64
- gnutls-3.7.6-23.el9_3.3.i686.rpm
MD5: db2059069f8ee72327544a79d55fafb1
SHA-256: 5b986f21f12ae313f3310ceb04a294934fb1d6836955deb11ba1e7963058c029
Size: 1.04 MB
- gnutls-3.7.6-23.el9_3.3.x86_64.rpm
MD5: dfb094bbbc4d67ac1f9f84bb08170058
SHA-256: 5763408f8c5b144706192913c02ec259e58a423bcb4393b934baee192b299c31
Size: 1.05 MB
- gnutls-c++-3.7.6-23.el9_3.3.i686.rpm
MD5: 5eda11379973ceeb0e48f4d25046eae5
SHA-256: 346c36f18d5c10cef04f645447e0b8aad7b8e399ec6b49421fc626fa2d95ff4d
Size: 33.34 kB
- gnutls-c++-3.7.6-23.el9_3.3.x86_64.rpm
MD5: 9c3e2a8ce68af58ccab7c8490bda5db8
SHA-256: 83a222ebfe6a46e607d18d1f40002b3624876e57379ec9db292bfb07f8586e6a
Size: 32.21 kB
- gnutls-dane-3.7.6-23.el9_3.3.i686.rpm
MD5: 91a7461fbf54b448990f963d4b4629e2
SHA-256: e896e9c9e21894e3307bc1c46e35daafe2ab8d7df2914d716d88f2f98c52bb4a
Size: 22.07 kB
- gnutls-dane-3.7.6-23.el9_3.3.x86_64.rpm
MD5: 31c74a8971eb00ab2ef8b1c577f51517
SHA-256: ec06a8963b35528bb1b9a3f3cad813278aa0598b40a318611d0802d8df5b8ff1
Size: 21.83 kB
- gnutls-devel-3.7.6-23.el9_3.3.i686.rpm
MD5: 1994d4310648192fa0ac97dae346cad3
SHA-256: bb25020f92cbebf8ef84dbf3f996dc03dfbed814d09a866c813cacc21ad51dfc
Size: 2.45 MB
- gnutls-devel-3.7.6-23.el9_3.3.x86_64.rpm
MD5: 918f6e052f82c606277728ee3af835c3
SHA-256: f6730f153030f7eab3d30a7410099a6c06b5db343dc8eb1dbdec7d2abe3b8bb1
Size: 2.45 MB
- gnutls-utils-3.7.6-23.el9_3.3.x86_64.rpm
MD5: 3030509ce522c01d9fa6c87c506893c1
SHA-256: fab9c9a8ee77af581c28d4b677db3e33c6eaf8a3dc96b5f129bb588dffc65c2e
Size: 269.97 kB