Bug 1287572 - (CVE-2015-8313) CVE-2015-8313 gnutls: First byte of the padding in CBC mode is not checked
CVE-2015-8313 gnutls: First byte of the padding in CBC mode is not checked
Product: Security Response
Classification: Other
Component: vulnerability (Show other bugs)
All Linux
low Severity low
: ---
: ---
Assigned To: Red Hat Product Security
: Security
Depends On:
Blocks: 1287573
  Show dependency treegraph
Reported: 2015-12-02 06:23 EST by Adam Mariš
Modified: 2015-12-02 07:56 EST (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2015-12-02 07:56:26 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Patch extracted from Debian packages gnutls26-2.12.20-8+deb7u4 (764 bytes, text/plain)
2015-12-02 07:53 EST, Tomas Hoger
no flags Details

  None (edit)
Description Adam Mariš 2015-12-02 06:23:09 EST
It was discovered that gnutls incorrectly validates the first byte of padding in CBC modes. A remote attacker can possibly take advantage of this flaw to perform a padding oracle attack. Affected are older versions of gnutls (2.x).

Public via:

Comment 1 Nikos Mavrogiannopoulos 2015-12-02 07:02:27 EST
This bug does not affect RHEL-6 or RHEL-7. They have been patched with the proper fixes for Lucky13 which included the fix for that issue.
Comment 2 Nikos Mavrogiannopoulos 2015-12-02 07:04:21 EST
It doesn't affect RHEL-5 either.
Comment 3 Tomas Hoger 2015-12-02 07:49:59 EST
Details of this issue can be found in the Hanno Böck's blog post:


Here is also the original Ubuntu bug report:

Comment 4 Tomas Hoger 2015-12-02 07:53 EST
Created attachment 1101466 [details]
Patch extracted from Debian packages gnutls26-2.12.20-8+deb7u4
Comment 5 Tomas Hoger 2015-12-02 07:56:26 EST
The GnuTLS version of Lucky13 got CVE-2013-1619 (bug 908238) and got corrected in Red Hat Enterprise Linux 5 and 6.  As noted above, the fix used addressed Lucky13 without leaving this small problem in.

Note You need to log in before you can comment on or make changes to this bug.