Vulnerabilities

CVE-2018-10846

by Fred · 22/08/2018

A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets.

Date published : 2018-08-22

http://www.securityfocus.com/bid/105138

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2018-10846

Similar

Tags: Cybersecurity Alert