Impact
A flaw exists in the libgnutls library where a remote attacker can send an unusually short premaster secret during an RSA key exchange to a server that uses an RSA key backed by a PKCS#11 token. This can trigger a short heap overread, exposing sensitive information located in memory. The overread is a type of buffer overread (CWE-126) that may reveal session keys or other confidential data.
Affected Systems
Systems running Red Hat Enterprise Linux versions 6, 7, 8, 9, and 10, Red Hat Discovery 2, Red Hat Hardened Images, Red Hat OpenShift Container Platform 4, and Red Hat Update Infrastructure 5 that use libgnutls with RSA keys stored in PKCS#11 tokens for TLS handshakes are vulnerable.
Risk and Exploitability
The vulnerability is assigned a CVSS score of 8.2, indicating a high severity for information disclosure. The EPSS score is reported as < 1 %, and it is not listed in the CISA KEV catalog, implying a low likelihood of widespread exploitation today. Nevertheless, an attacker who can reach the vulnerable server over the network can trigger the flaw during the TLS handshake by sending an exceptionally short premaster secret. If successful, the heap overread can leak memory contents, potentially exposing session keys, private data, or other sensitive information. The attack requires the presence of an RSA key backed by a PKCS#11 token and active TLS client connections.
OpenCVE Enrichment
Debian DLA
Debian DSA
Ubuntu USN