Unrated severityNVD Advisory· Published Nov 28, 2023· Updated Feb 25, 2026

Gnutls: timing side-channel in the rsa-psk authentication

CVE-2023-5981

Description

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.

Affected products

Red Hat/Enterprise Linuxcpe-rescue4 versions
cpe:/a:redhat:enterprise_linux:8::appstream+ 3 more
- cpe:/a:redhat:enterprise_linux:8::appstreamrange: 0:3.6.16-8.el8_9
- cpe:/o:redhat:enterprise_linux:6
- cpe:/o:redhat:enterprise_linux:7
- cpe:/o:redhat:enterprise_linux:9::baseosrange: 0:3.7.6-23.el9_3.3
Red Hat/RHOL-5.8-RHEL-9v5
cpe:/a:redhat:logging:5.8::el9
Range: v0.28.1-56
Red Hat/RHODF-4.15-RHEL-9v5
cpe:/a:redhat:openshift_data_foundation:4.15::el9
Range: v4.15.0-103
Red Hat/Red Hat Enterprise Linux 8.6 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:8.6::appstream
Range: 0:3.6.16-5.el8_6.2
Red Hat/Red Hat Enterprise Linux 9.2 Extended Update Supportv5
cpe:/a:redhat:rhel_eus:9.2::appstream
Range: 0:3.7.6-21.el9_2.1
Red Hat/Red Hat Enterprise Linux 8.8 Extended Update Supportv5
cpe:/o:redhat:rhel_eus:8.8::baseos
Range: 0:3.6.16-7.el8_8.1
osv-coords27 versions
pkg:rpm/almalinux/gnutls pkg:rpm/almalinux/gnutls-c%2B%2B pkg:rpm/almalinux/gnutls-dane pkg:rpm/almalinux/gnutls-devel pkg:rpm/almalinux/gnutls-utils pkg:rpm/opensuse/gnutls&distro=openSUSE%20Leap%2015.4 pkg:rpm/opensuse/gnutls&distro=openSUSE%20Leap%2015.5 pkg:rpm/opensuse/gnutls&distro=openSUSE%20Leap%20Micro%205.4 pkg:rpm/opensuse/gnutls&distro=openSUSE%20Tumbleweed pkg:rpm/suse/gnutls&distro=SUSE%20Enterprise%20Storage%207.1 pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSS pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSS pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Micro%205.1 pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Micro%205.2 pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Micro%205.3 pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Micro%205.4 pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Micro%205.5 pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP4 pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Basesystem%2015%20SP5 pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSS pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1 pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2 pkg:rpm/suse/gnutls&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3
< 3.6.16-8.el8_9+ 26 more
- (no CPE)range: < 3.6.16-8.el8_9
- (no CPE)range: < 3.6.16-8.el8_9
- (no CPE)range: < 3.6.16-8.el8_9
- (no CPE)range: < 3.6.16-8.el8_9
- (no CPE)range: < 3.6.16-8.el8_9
- (no CPE)range: < 3.7.3-150400.4.38.1
- (no CPE)range: < 3.7.3-150400.4.38.1
- (no CPE)range: < 3.7.3-150400.4.38.1
- (no CPE)range: < 3.8.2-1.1
- (no CPE)range: < 3.6.7-150200.14.28.1
- (no CPE)range: < 3.6.7-150000.6.50.1
- (no CPE)range: < 3.6.7-150200.14.28.1
- (no CPE)range: < 3.6.7-150200.14.28.1
- (no CPE)range: < 3.6.7-150200.14.28.1
- (no CPE)range: < 3.6.7-150200.14.28.1
- (no CPE)range: < 3.6.7-150200.14.28.1
- (no CPE)range: < 3.7.3-150400.1.3.1
- (no CPE)range: < 3.7.3-150400.4.38.1
- (no CPE)range: < 3.7.3-150400.4.38.1
- (no CPE)range: < 3.7.3-150400.4.38.1
- (no CPE)range: < 3.7.3-150400.4.38.1
- (no CPE)range: < 3.6.7-150000.6.50.1
- (no CPE)range: < 3.6.7-150200.14.28.1
- (no CPE)range: < 3.6.7-150200.14.28.1
- (no CPE)range: < 3.6.7-150000.6.50.1
- (no CPE)range: < 3.6.7-150200.14.28.1
- (no CPE)range: < 3.6.7-150200.14.28.1

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

access.redhat.com/errata/RHSA-2024:0155mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0319mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0399mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0451mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:0533mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:1383mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/errata/RHSA-2024:2094mitrevendor-advisoryx_refsource_REDHAT
access.redhat.com/security/cve/CVE-2023-5981mitrevdb-entryx_refsource_REDHAT
bugzilla.redhat.com/show_bug.cgimitreissue-trackingx_refsource_REDHAT
gnutls.org/security-new.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000