PublicDateAtUSN: 2018-08-22 Candidate: CVE-2018-10846 PublicDate: 2018-08-22 13:29:00 UTC References: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-10846 https://eprint.iacr.org/2018/747 https://ubuntu.com/security/notices/USN-3999-1 Description: A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets. Ubuntu-Description: Notes: mdeslaur> same commits as listed in CVE-2018-10844 Bugs: https://gitlab.com/gnutls/gnutls/issues/456 Priority: medium Discovered-by: Assigned-to: mdeslaur CVSS: nvd: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N [5.6 MEDIUM] nvd: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N [5.6 MEDIUM] Patches_gnutls26: upstream_gnutls26: needs-triage precise/esm_gnutls26: ignored (end of ESM support, was needs-triage) trusty_gnutls26: ignored (reached end-of-life) trusty/esm_gnutls26: needs-triage xenial_gnutls26: DNE bionic_gnutls26: DNE cosmic_gnutls26: DNE disco_gnutls26: DNE eoan_gnutls26: DNE focal_gnutls26: DNE groovy_gnutls26: DNE hirsute_gnutls26: DNE impish_gnutls26: DNE jammy_gnutls26: DNE devel_gnutls26: DNE Patches_gnutls28: upstream: https://gitlab.com/gnutls/gnutls/merge_requests/657 upstream: https://gitlab.com/gnutls/gnutls/commit/ce671a6db9e47006cff152d485091141b1569f39 (3.6) upstream_gnutls28: released (3.5.19,3.6.3) precise/esm_gnutls28: DNE trusty_gnutls28: ignored (reached end-of-life) trusty/esm_gnutls28: DNE (trusty was needed) xenial_gnutls28: released (3.4.10-4ubuntu1.5) esm-infra/xenial_gnutls28: released (3.4.10-4ubuntu1.5) bionic_gnutls28: released (3.5.18-1ubuntu1.1) cosmic_gnutls28: not-affected (3.6.4-2ubuntu1) disco_gnutls28: not-affected (3.6.5-2ubuntu1) eoan_gnutls28: not-affected (3.6.5-2ubuntu1) focal_gnutls28: not-affected (3.6.5-2ubuntu1) groovy_gnutls28: not-affected (3.6.5-2ubuntu1) hirsute_gnutls28: not-affected (3.6.5-2ubuntu1) impish_gnutls28: not-affected (3.6.5-2ubuntu1) jammy_gnutls28: not-affected (3.6.5-2ubuntu1) devel_gnutls28: not-affected (3.6.5-2ubuntu1)