Red Hat Bugzilla – Bug 1287572
CVE-2015-8313 gnutls: First byte of the padding in CBC mode is not checked
Last modified: 2015-12-02 07:56:26 EST
It was discovered that gnutls incorrectly validates the first byte of padding in CBC modes. A remote attacker can possibly take advantage of this flaw to perform a padding oracle attack. Affected are older versions of gnutls (2.x).
This bug does not affect RHEL-6 or RHEL-7. They have been patched with the proper fixes for Lucky13 which included the fix for that issue.
It doesn't affect RHEL-5 either.
Details of this issue can be found in the Hanno Böck's blog post:
Here is also the original Ubuntu bug report:
Created attachment 1101466 [details]
Patch extracted from Debian packages gnutls26-2.12.20-8+deb7u4
The GnuTLS version of Lucky13 got CVE-2013-1619 (bug 908238) and got corrected in Red Hat Enterprise Linux 5 and 6. As noted above, the fix used addressed Lucky13 without leaving this small problem in.