A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process, could use this flaw extract plaintext or in some cases downgrade any TLS connections to a vulnerable server. (CVE-2018-16869)
Impact
BIG-IP Virtual Edition or vCMP with single-core guests are affected by this vulnerability. When tsharkis used on the affected BIG-IP system to decrypt the RSA-encrypted TLS traffic, an attacker with the ability to schedule processes on the same physical core may be able to extract the sensitive data in plain text.