The GNU Transport Layer Security Library (GnuTLS) has patched a vulnerability that sat unnoticed in its code for nearly two years. The flaw is in how the TLS server protects session tickets: instead of deriving the ticket encryption key from the secret the application supplies, the server used a predictable key (effectively all zeros) until its first key rotation, so anyone, not just the server holding the ticket master key, could decrypt a ticket and use it to resume a session. In TLS 1.3 this lets an attacker running a man-in-the-middle (MITM) server resume a client's session without presenting a valid certificate; in TLS 1.2 it exposes the contents of the ticket, and with it the earlier conversation it protects.
GnuTLS, a free software implementation of the TLS, SSL and DTLS protocols, ships in a number of Linux distributions. openSUSE, Debian, Ubuntu, Fedora, Gentoo and others use GnuTLS and have issued security advisories addressing the vulnerability.
NIST's National Vulnerability Database entry describes the GnuTLS vulnerability, CVE-2020-13777, as follows:
“GnuTLS 3.6.x before 3.6.14 uses incorrect cryptography for encrypting a session ticket (a loss of confidentiality in TLS 1.2, and an authentication bypass in TLS 1.3). The earliest affected version is 3.6.4 (2018-09-24) because of an error in a 2018-09-18 commit. Until the first key rotation, the TLS server always uses wrong data in place of an encryption key derived from an application.”
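The practical meaning of "uses wrong data in place of an encryption key" is easiest to see in a small model of session-ticket protection. The following Python is an added example written for this article, not GnuTLS code: the ticket format, the HMAC-SHA256 key derivation and the encrypt-then-MAC construction are stand-ins for the real library's internals, chosen only so the example runs with the standard library. It contrasts a server that derives its ticket key from the application-supplied master secret with one that, like the affected GnuTLS versions, derives it from a zero-filled buffer, and then checks whether a rogue server that never learned the legitimate secret can open the client's ticket.

```python
import hashlib
import hmac
import secrets

TICKET_KEY_LEN = 32   # length of the zero buffer the buggy derivation consumes
NONCE_LEN = 16
TAG_LEN = 32          # HMAC-SHA256 tag


def derive_ticket_key(master_secret: bytes, label: bytes = b"ticket-key") -> bytes:
    """Correct behaviour: the ticket key depends on the server's master secret.
    (HMAC-SHA256 stands in for the real derivation; this is the example's own.)"""
    return hmac.new(master_secret, label, hashlib.sha256).digest()


def derive_ticket_key_buggy(master_secret: bytes) -> bytes:
    """Models the regression: the caller's secret is ignored and the key is
    derived from all-zero data, so every affected server gets the same key."""
    del master_secret  # never used, which is the whole bug
    return derive_ticket_key(bytes(TICKET_KEY_LEN))


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-based counter-mode keystream (toy construction for the example)."""
    out = b""
    counter = 0
    while len(out) < length:
        block = nonce + counter.to_bytes(4, "big")
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def seal_ticket(ticket_key: bytes, resumption_secret: bytes) -> bytes:
    """Encrypt-then-MAC the resumption secret into an opaque ticket blob."""
    nonce = secrets.token_bytes(NONCE_LEN)
    stream = _keystream(ticket_key, nonce, len(resumption_secret))
    ciphertext = bytes(a ^ b for a, b in zip(resumption_secret, stream))
    tag = hmac.new(ticket_key, nonce + ciphertext, hashlib.sha256).digest()
    return nonce + ciphertext + tag


def open_ticket(ticket_key: bytes, ticket: bytes):
    """Return the resumption secret, or None if the tag does not verify."""
    nonce = ticket[:NONCE_LEN]
    ciphertext = ticket[NONCE_LEN:-TAG_LEN]
    tag = ticket[-TAG_LEN:]
    expected = hmac.new(ticket_key, nonce + ciphertext, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    stream = _keystream(ticket_key, nonce, len(ciphertext))
    return bytes(a ^ b for a, b in zip(ciphertext, stream))


def rogue_server_can_resume(buggy: bool) -> bool:
    """Simulate the attack: a legitimate server issues a ticket to a client; a
    rogue server with an unrelated master secret tries to open that ticket.
    Returns True if the rogue server recovers the resumption secret, which is
    all it needs to accept a resumed (unauthenticated) session."""
    derive = derive_ticket_key_buggy if buggy else derive_ticket_key
    legit_master_secret = secrets.token_bytes(32)   # constructed sample secret
    resumption_secret = secrets.token_bytes(32)     # what the ticket protects
    ticket = seal_ticket(derive(legit_master_secret), resumption_secret)

    rogue_master_secret = secrets.token_bytes(32)   # never shared with legit server
    rogue_key = derive(rogue_master_secret)
    return open_ticket(rogue_key, ticket) == resumption_secret


if __name__ == "__main__":
    print("vulnerable derivation, rogue server resumes:", rogue_server_can_resume(buggy=True))
    print("fixed derivation, rogue server resumes:   ", rogue_server_can_resume(buggy=False))
```

The only difference between the two runs is which derivation function the server calls; the ticket format and the attacker's knowledge are identical. That is why the bug is an authentication bypass in TLS 1.3 (the recovered secret is the resumption PSK, and a resumed handshake does not re-check the server certificate) and a confidentiality loss in TLS 1.2 (the ticket carries the session's master secret, so an eavesdropper who recorded the traffic can decrypt it).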
As reported by The Register, a security researcher using the handle "Airtower" published details of the GnuTLS flaw on the project's GitLab issue tracker last week.
“This allows a MITM server without valid credentials to resume sessions with a client that first established an initial connection with a server with valid credentials,” Airtower noted.
To address the issue, the GnuTLS team recommends upgrading to GnuTLS 3.6.14 or later. Because GnuTLS is a shared library, administrators should confirm the installed version (for example with `gnutls-cli --version` or the distribution's package manager) and restart any long-running services that link against it, since a server process started before the upgrade keeps the old code, and its flawed ticket key, in memory.