OpenSSL RSA-PSK ClientKeyExchange timing side channel
CVE-2023-5981 Published on November 28, 2023

Gnutls: timing side-channel in the rsa-psk authentication
A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.

Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory Vendor Advisory NVD

Vulnerability Analysis

CVE-2023-5981 can be exploited with network access, and does not require authorization privileges or user interaction. This vulnerability is consided to have a high level of attack complexity. The potential impact of an exploit of this vulnerability is considered to have a high impact on confidentiality, with no impact on integrity and availability.

Attack Vector:
NETWORK
Attack Complexity:
HIGH
Privileges Required:
NONE
User Interaction:
NONE
Scope:
UNCHANGED
Confidentiality Impact:
HIGH
Integrity Impact:
NONE
Availability Impact:
NONE

Timeline

Reported to Red Hat.

Made public. 8 days later.

Weakness Type

Observable Timing Discrepancy

Two separate operations in a product require different amounts of time to complete, in a way that is observable to an actor and reveals security-relevant information about the state of the product, such as whether a particular operation was successful or not. In security-relevant contexts, even small variations in timing can be exploited by attackers to indirectly infer certain details about the product's internal operations. For example, in some cryptographic algorithms, attackers can use timing differences to infer certain properties about a private key, making the key easier to guess. Timing discrepancies effectively form a timing side channel.


Products Associated with CVE-2023-5981

You can be notified by email with stack.watch whenever vulnerabilities like CVE-2023-5981 are published in these products:

Gnutls
 
Red Hat Linux
 
Fedora Project Fedora
 
Oracle
 
Red Hat Enterprise Linux (RHEL)
 
Red Hat Rhel Eus
 
Red Hat Openshift Data Foundation
 
Red Hat Logging
 
OpenSSL
 

Affected Versions

Red Hat Enterprise Linux 8: Red Hat Enterprise Linux 8: Red Hat Enterprise Linux 8.6 Extended Update Support: Red Hat Enterprise Linux 8.8 Extended Update Support: Red Hat Enterprise Linux 9: Red Hat Enterprise Linux 9: Red Hat Enterprise Linux 9.2 Extended Update Support: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHODF-4.15-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat RHOL-5.8-RHEL-9: Red Hat Enterprise Linux 6: Red Hat Enterprise Linux 7:

Exploit Probability

EPSS
0.57%
Percentile
68.35%

EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.