A Bleichenbacher type side-channel based padding oracle attack was found in the way nettle handles endian conversion of RSA decrypted PKCS#1 v1.5 data. An attacker who is able to run a process on the same physical core as the victim process, could use this flaw extract plaintext or in some cases downgrade any TLS connections to a vulnerable server.
{ "availability": "No subscription required", "ubuntu_priority": "low", "binaries": [ { "nettle-dev": "3.4.1-0ubuntu0.18.04.1", "nettle-bin": "3.4.1-0ubuntu0.18.04.1", "libhogweed4-dbgsym": "3.4.1-0ubuntu0.18.04.1", "libnettle6": "3.4.1-0ubuntu0.18.04.1", "libhogweed4": "3.4.1-0ubuntu0.18.04.1", "libnettle6-dbgsym": "3.4.1-0ubuntu0.18.04.1", "nettle-bin-dbgsym": "3.4.1-0ubuntu0.18.04.1" } ] }