CVE-2018-16869 -- nettle-devID: oval:org.secpod.oval:def:1901129 | Date: (C)2019-03-05 (M)2024-01-23 |
Class: VULNERABILITY | Family: unix |
A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle-dev handles endian conversion of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process, could use this flaw extract plaintext or in some cases downgrade any TLS connections to a vulnerable server.
Platform: |
Ubuntu 16.04 |
Ubuntu 18.10 |
Ubuntu 14.04 |
Ubuntu 18.04 |