CVE-2023-5981

Gnutls: timing side-channel in the rsa-psk authentication

Published: 11/28/2023 Last updated: 11/6/2025 Reserved: 11/7/2023

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Metrics

Version	Score	Severity	Vector String
3.1	5.9	Medium	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Opam packages affected (5)

conf-gnutls conf-mingw-w64-gnutls-i686 conf-mingw-w64-gnutls-x86_64 conf-srt conf-srt-gnutls

Products affected (85)

Product	Vendor	Version
Red Hat Enterprise Linux 6	Red Hat	< 8.2.2106
Red Hat Enterprise Linux 8	Red Hat	WCN3680
Red Hat Enterprise Linux 8.8 Extended Update Support	Red Hat	103
Red Hat Enterprise Linux 9	Red Hat	1.0
Red Hat Enterprise Linux 9	Red Hat	WCN3680B
Red Hat Enterprise Linux 8	Red Hat	<= 8.0
Red Hat Enterprise Linux 7	Red Hat	3.3.2SG
Red Hat Enterprise Linux 6	Red Hat	All Android releases from CAF using the Linux kernel
Red Hat Enterprise Linux 9.2 Extended Update Support	Red Hat	>=8.12, <14.1.7
Red Hat Enterprise Linux 9	Red Hat	<= <=9.2.5
Red Hat Enterprise Linux 9	Red Hat	12.4(24)MDB14
Red Hat Enterprise Linux 8.8 Extended Update Support	Red Hat	12.4(24)MDB3
Red Hat Enterprise Linux 8.6 Extended Update Support	Red Hat	15.0(2)SG8
Red Hat Enterprise Linux 8	Red Hat	< 10.0.14393.5356
Red Hat Enterprise Linux 8	Red Hat	15.2(4)M3
Red Hat Enterprise Linux 7	Red Hat	< 9.5.4
RHODF-4.15-RHEL-9	Red Hat	n/a
RHODF-4.15-RHEL-9	Red Hat	n/a
RHODF-4.15-RHEL-9	Red Hat	n/a
RHODF-4.15-RHEL-9	Red Hat	WCN3980
RHODF-4.15-RHEL-9	Red Hat	15.2(4)GC3
RHODF-4.15-RHEL-9	Red Hat	< 13.3
RHODF-4.15-RHEL-9	Red Hat	n/a
RHODF-4.15-RHEL-9	Red Hat	< 102.0.5005.61
RHODF-4.15-RHEL-9	Red Hat	WCN3998
RHODF-4.15-RHEL-9	Red Hat	12.2(33)SCG6
RHODF-4.15-RHEL-9	Red Hat	12.2(33)IRH
RHODF-4.15-RHEL-9	Red Hat	WCN3999
RHODF-4.15-RHEL-9	Red Hat	WSA8810
RHODF-4.15-RHEL-9	Red Hat	9206 LTE Modem
RHODF-4.15-RHEL-9	Red Hat	WSA8815
RHODF-4.15-RHEL-9	Red Hat	QTS110
RHODF-4.15-RHEL-9	Red Hat	n/a
RHODF-4.15-RHEL-9	Red Hat	15.1(1)SY6
RHODF-4.15-RHEL-9	Red Hat	<= 23.5.3
RHODF-4.15-RHEL-9	Red Hat	<= 24.1
RHODF-4.15-RHEL-9	Red Hat	15.1(2)SY11
RHODF-4.15-RHEL-9	Red Hat	n/a
RHODF-4.15-RHEL-9	Red Hat	n/a
RHODF-4.15-RHEL-9	Red Hat	< publication
RHODF-4.15-RHEL-9	Red Hat	< 4a7f9a2591a923bdde4bd7eac33490b6ae3b257c
RHODF-4.15-RHEL-9	Red Hat	15.3(3)S2
RHODF-4.15-RHEL-9	Red Hat	< 5aa57d9f2d5311f19434d95b2a81610aa263e23b
RHODF-4.15-RHEL-9	Red Hat	71f8d9a4f6e094bae951765d1d18b44827013001
RHODF-4.15-RHEL-9	Red Hat	15.3(3)S4
RHODF-4.15-RHEL-9	Red Hat	11.5
RHODF-4.15-RHEL-9	Red Hat	15.3.0
RHODF-4.15-RHEL-9	Red Hat	15.3(3)S7
RHODF-4.15-RHEL-9	Red Hat	n/a
RHODF-4.15-RHEL-9	Red Hat	< publication
RHODF-4.15-RHEL-9	Red Hat	n/a
RHODF-4.15-RHEL-9	Red Hat	15.3(3)S8a
RHODF-4.15-RHEL-9	Red Hat	6.10
RHODF-4.15-RHEL-9	Red Hat	various
RHOL-5.8-RHEL-9	Red Hat	< 6.10
RHOL-5.8-RHEL-9	Red Hat	15.4(1)T1
RHOL-5.8-RHEL-9	Red Hat	15.4(2)T3
RHOL-5.8-RHEL-9	Red Hat	16.0.0-16.0.0.1, 15.1.0-15.1.0.5, 14.1.0-14.1.3, 13.1.0-13.1.3.4
RHOL-5.8-RHEL-9	Red Hat	< *
RHOL-5.8-RHEL-9	Red Hat	<= 2.1.2
RHOL-5.8-RHEL-9	Red Hat	15.4(2)T4
RHOL-5.8-RHEL-9	Red Hat	<= 6.11.*
RHOL-5.8-RHEL-9	Red Hat	12.2(33)SCH1
RHOL-5.8-RHEL-9	Red Hat	<= *
RHOL-5.8-RHEL-9	Red Hat	various
RHOL-5.8-RHEL-9	Red Hat	1.0
RHOL-5.8-RHEL-9	Red Hat	< *
RHOL-5.8-RHEL-9	Red Hat	<= 0.6.0
RHOL-5.8-RHEL-9	Red Hat	n/a
RHOL-5.8-RHEL-9	Red Hat	11.0.0, 11.0.1
RHOL-5.8-RHEL-9	Red Hat	1.4
RHOL-5.8-RHEL-9	Red Hat	1.5
RHOL-5.8-RHEL-9	Red Hat	n/a
RHOL-5.8-RHEL-9	Red Hat	5.1.3 and prior
RHOL-5.8-RHEL-9	Red Hat	15.2(2)E
RHOL-5.8-RHEL-9	Red Hat	15.2(3)E
RHOL-5.8-RHEL-9	Red Hat	n/a
RHOL-5.8-RHEL-9	Red Hat	n/a
RHOL-5.8-RHEL-9	Red Hat	See HP Security Bulletin reference for affected versions.
RHOL-5.8-RHEL-9	Red Hat	3.7.5S
RHOL-5.8-RHEL-9	Red Hat	n/a
RHOL-5.8-RHEL-9	Red Hat	Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2
RHOL-5.8-RHEL-9	Red Hat	< 9.0
RHOL-5.8-RHEL-9	Red Hat	3.7.1aS
RHOL-5.8-RHEL-9	Red Hat	Adobe Flash Player 24.0.0.194 and earlier.

References (48)

Credits (2)

This issue was discovered by Daiki Ueno (Red Hat).
This issue was discovered by Daiki Ueno (Red Hat).