Lucene search
RedHatRHSA-2024:0796HistoryFeb 13, 2024 - 7:59 a.m.
(RHSA-2024:0796) Moderate: gnutls security update
2024-02-1307:59:43
access.redhat.com
19
rhsa-2024-0796; moderate; gnutls; security update; incomplete fix; cve-2023-5981; cve-2024-0553; cryptographic algorithms; ssl; tls; dtls; cvss score; acknowledgments; references
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
6.9 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
82.0%
The gnutls packages provide the GNU Transport Layer Security (GnuTLS) library, which implements cryptographic algorithms and protocols such as SSL, TLS, and DTLS.
Security Fix(es):
- gnutls: incomplete fix for CVE-2023-5981 (CVE-2024-0553)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 8 | s390x | gnutls-c++ | < 3.6.16-7.el8_8.2 | gnutls-c++-3.6.16-7.el8_8.2.s390x.rpm |
| RedHat | 8 | i686 | gnutls-dane | < 3.6.16-7.el8_8.2 | gnutls-dane-3.6.16-7.el8_8.2.i686.rpm |
| RedHat | 8 | x86_64 | gnutls-dane-debuginfo | < 3.6.16-7.el8_8.2 | gnutls-dane-debuginfo-3.6.16-7.el8_8.2.x86_64.rpm |
| RedHat | 8 | x86_64 | gnutls-c++-debuginfo | < 3.6.16-7.el8_8.2 | gnutls-c++-debuginfo-3.6.16-7.el8_8.2.x86_64.rpm |
| RedHat | 8 | s390x | gnutls-dane-debuginfo | < 3.6.16-7.el8_8.2 | gnutls-dane-debuginfo-3.6.16-7.el8_8.2.s390x.rpm |
| RedHat | 8 | aarch64 | gnutls | < 3.6.16-7.el8_8.2 | gnutls-3.6.16-7.el8_8.2.aarch64.rpm |
| RedHat | 8 | i686 | gnutls-dane-debuginfo | < 3.6.16-7.el8_8.2 | gnutls-dane-debuginfo-3.6.16-7.el8_8.2.i686.rpm |
| RedHat | 8 | i686 | gnutls-utils-debuginfo | < 3.6.16-7.el8_8.2 | gnutls-utils-debuginfo-3.6.16-7.el8_8.2.i686.rpm |
| RedHat | 8 | s390x | gnutls-dane | < 3.6.16-7.el8_8.2 | gnutls-dane-3.6.16-7.el8_8.2.s390x.rpm |
| RedHat | 8 | ppc64le | gnutls-dane | < 3.6.16-7.el8_8.2 | gnutls-dane-3.6.16-7.el8_8.2.ppc64le.rpm |
Related
redhatcve
redhatcve
CVE-2024-0553
2024-01-16 11:57:31
CVE-2023-5981
2023-11-28 11:49:29
osv
osv
Moderate: gnutls security update
2024-01-31 00:00:00
Moderate: gnutls security update
2024-02-12 20:17:16
CVE-2024-0553
2024-01-16 12:15:45
nessus
nessus
Rocky Linux 8 : gnutls (RLSA-2024:0627)
2024-02-12 00:00:00
Debian dla-3740 : gnutls-bin - security update
2024-02-26 00:00:00
Amazon Linux 2023 : gnutls, gnutls-c++, gnutls-dane (ALAS2023-2024-548)
2024-03-06 00:00:00
redhat
redhat
(RHSA-2024:0627) Moderate: gnutls security update
2024-01-31 08:17:03
(RHSA-2024:1108) Moderate: gnutls security update
2024-03-05 10:44:59
(RHSA-2024:1082) Moderate: gnutls security update
2024-03-05 06:12:09
rocky
rocky
gnutls security update
2024-02-12 20:17:16
gnutls security update
2024-01-12 19:56:54
openvas
openvas
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1526)
2024-04-22 00:00:00
Huawei EulerOS: Security Advisory for gnutls (EulerOS-SA-2024-1312)
2024-03-13 00:00:00
SUSE: Security Advisory (SUSE-SU-2024:0860-1)
2024-05-07 00:00:00
f5
f5
K000138649 : GnuTLS vulnerabilities CVE-2023-5981 and CVE-2024-0553
2024-02-21 00:00:00
cve
cve
CVE-2024-0553
2024-01-16 12:15:45
CVE-2023-5981
2023-11-28 12:15:07
almalinux
almalinux
Moderate: gnutls security update
2024-01-31 00:00:00
Moderate: gnutls security update
2024-01-29 00:00:00
Moderate: gnutls security update
2024-01-10 00:00:00
prion
prion
Design/Logic Flaw
2024-01-16 12:15:00
Design/Logic Flaw
2023-11-28 12:15:00
debian
debian
[SECURITY] [DLA 3740-1] gnutls28 security update
2024-02-26 09:38:51
[SECURITY] [DLA 3660-1] gnutls28 security update
2023-11-22 19:12:13
ubuntucve
ubuntucve
CVE-2024-0553
2024-01-16 00:00:00
CVE-2023-5981
2023-11-17 00:00:00
alpinelinux
alpinelinux
CVE-2024-0553
2024-01-16 12:15:45
CVE-2023-5981
2023-11-28 12:15:07
nvd
nvd
CVE-2024-0553
2024-01-16 12:15:45
CVE-2023-5981
2023-11-28 12:15:07
debiancve
debiancve
CVE-2024-0553
2024-01-16 12:15:45
CVE-2023-5981
2023-11-28 12:15:07
cvelist
cvelist
CVE-2024-0553 Gnutls: incomplete fix for cve-2023-5981
2024-01-16 11:40:50
CVE-2023-5981 Gnutls: timing side-channel in the rsa-psk authentication
2023-11-28 11:49:50
oraclelinux
oraclelinux
gnutls security update
2024-01-30 00:00:00
gnutls security update
2024-02-05 00:00:00
gnutls security update
2024-01-11 00:00:00
mageia
mageia
Updated gnutls packages fix security vulnerabilities
2024-02-09 04:34:03
Updated gnutls packages fix a security vulnerability
2024-01-15 01:23:43
fedora
fedora
[SECURITY] Fedora 39 Update: gnutls-3.8.3-1.fc39
2024-01-29 06:26:19
[SECURITY] Fedora 38 Update: gnutls-3.8.3-1.fc38
2024-02-09 01:51:29
cbl_mariner
cbl_mariner
CVE-2024-0553 affecting package gnutls for versions less than 3.8.3-1
2024-06-21 09:32:44
redos
redos
ROS-20240405-06
2024-04-05 00:00:00
veracode
veracode
Side Channel Attack
2023-12-01 09:22:24
Information Exposure
2024-01-30 17:22:55
ubuntu
ubuntu
GnuTLS vulnerability
2023-11-21 00:00:00
GnuTLS vulnerability
2024-01-08 00:00:00
GnuTLS vulnerabilities
2024-01-22 00:00:00
cloudfoundry
cloudfoundry
USN-6499-1: GnuTLS vulnerability | Cloud Foundry
2024-03-18 00:00:00
USN-6593-1: GnuTLS vulnerabilities | Cloud Foundry
2024-02-29 00:00:00
slackware
slackware
[slackware-security] gnutls
2024-01-16 20:56:31
photon
photon
Moderate Photon OS Security Update - PHSA-2024-4.0-0537
2024-01-03 00:00:00
Moderate Photon OS Security Update - PHSA-2023-3.0-0705
2023-12-28 00:00:00
Moderate Photon OS Security Update - PHSA-2024-5.0-0182
2024-01-02 00:00:00
ibm
ibm
7.5 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
6.9 Medium
AI Score
Confidence
Low
0.008 Low
EPSS
Percentile
82.0%
Related for RHSA-2024:0796