It was discovered that gnutls incorrectly validates the first byte of padding in CBC modes. A remote attacker can possibly take advantage of this flaw to perform a padding oracle attack. Affected are older versions of gnutls (2.x).
Public via:
https://www.debian.org/security/2015/dsa-3408
http://seclists.org/bugtraq/2015/Dec/0
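An added illustration (not GnuTLS code and not part of this report) of the flaw described in the comment above: a TLS CBC padding check that skips the first padding byte, next to one that compares every byte. The function names and the sample record are constructed, and the exact form of the skipped comparison is an assumption.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* TLS CBC padding: the last byte holds pad_len, and the pad_len bytes
 * before it must all equal pad_len (pad_len + 1 bytes in total).
 * Returns 1 if the padding is accepted, 0 otherwise.
 * skip_first = 1 models the flaw (assumed form): the first padding byte
 * is never compared, so any value in that position is accepted. */
static int tls_pad_check(const uint8_t *buf, size_t len, int skip_first)
{
    if (len == 0)
        return 0;
    uint8_t pad_len = buf[len - 1];
    if ((size_t)pad_len + 1 > len)
        return 0;                          /* padding longer than record */
    size_t start = len - 1 - pad_len;      /* index of first padding byte */
    uint8_t diff = 0;
    /* OR the differences together rather than returning at the first
     * mismatch, so the position of a bad byte does not change the path. */
    for (size_t i = start + (skip_first ? 1 : 0); i < len - 1; i++)
        diff |= (uint8_t)(buf[i] ^ pad_len);
    return diff == 0;
}

/* Constructed sample: 12 data bytes followed by padding 03 03 03 03.
 * tamper = 1 overwrites the first padding byte (index 12). */
static int sample_result(int tamper, int skip_first)
{
    uint8_t rec[16] = { 'c','o','n','s','t','r','u','c','t','e','d','!',
                        0x03, 0x03, 0x03, 0x03 };
    if (tamper)
        rec[12] = 0xAA;
    return tls_pad_check(rec, sizeof rec, skip_first);
}

int main(void)
{
    printf("intact,   full check: %d\n", sample_result(0, 0));
    printf("tampered, full check: %d\n", sample_result(1, 0));
    printf("tampered, skip-first: %d\n", sample_result(1, 1));
    return 0;
}
```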
This bug does not affect RHEL-6 or RHEL-7. They have been patched with the proper fixes for Lucky13 which included the fix for that issue.
It doesn't affect RHEL-5 either.
Details of this issue can be found in Hanno Böck's blog post:
https://blog.hboeck.de/archives/877-A-little-POODLE-left-in-GnuTLS-old-versions.html
Here is also the original Ubuntu bug report:
https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1510163
Created attachment 1101466
Patch extracted from Debian packages gnutls26-2.12.20-8+deb7u4
The GnuTLS version of Lucky13 got CVE-2013-1619 (bug 908238) and got corrected in Red Hat Enterprise Linux 5 and 6. As noted above, the fix used addressed Lucky13 without leaving this small problem in.