
CVE-2024-0553: A vulnerability was found in GnuTLS. The response times to malformed ciphertexts in RSA-PSK...

CVSS Score: 5.9 (CVSS v3.1)

Basic Information

EPSS Score: 0.76532%
Published: 1/16/2024
Updated: 7/8/2024
KEV Status: No
Technology: -

Technical Details

CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability description points to a timing side-channel in RSA-PSK ClientKeyExchange. The commit for GnuTLS 3.8.3, which fixes CVE-2024-0553, shows significant modifications in the `_gnutls_proc_rsa_psk_client_kx` function within `lib/auth/rsa_psk.c`. These changes are directly related to the handling and decryption of the premaster secret, which is the core of the described vulnerability. The patch aims to make the processing time for valid and invalid ciphertexts more uniform. The other modified function, `_gnutls_sort_clist`, is related to a different CVE (CVE-2024-0567) and not this timing attack.

Initially, I attempted to use `get_commit_urls_from_issue` but it returned no commit URLs. Then, I used `search_cve_details_on_google` and `fetch_url_content` to gather more context about the CVE and the GnuTLS 3.8.3 release. The release notes confirmed that version 3.8.3 addresses CVE-2024-0553. I then used `get_repo_tags` to find the commit SHA for the 3.8.3 tag. Attempts to use `get_repo_commits` with this tag failed due to an internal tool error. However, since I had the commit SHA (`2f04c14daa086889b4e85f7056c39d23766ddaa1`) from `get_repo_tags`, I used `get_commit_infos` with this SHA. The commit details clearly showed changes in `lib/auth/rsa_psk.c` within the `_gnutls_proc_rsa_psk_client_kx` function, which aligns perfectly with the vulnerability description concerning RSA-PSK ClientKeyExchange timing attacks. The patch modifies how the premaster secret is handled and decrypted, which is the core of the vulnerability. The other modified function, `_gnutls_sort_clist`, is related to a different CVE (CVE-2024-0567) and not this timing attack, as indicated by the NEWS file in the commit and the security advisories found online. Therefore, `_gnutls_proc_rsa_psk_client_kx` is identified as the vulnerable function with high confidence based on the direct evidence in the patch and the vulnerability description.
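The countermeasure the analysis describes, spending the same time on valid and invalid premaster ciphertexts, as an added C example that is not GnuTLS code and not the CVE-2024-0553 patch: a hypothetical RSA-PSK premaster derivation in its early-return (leaky) shape next to a branch-free mask-select (hardened) shape. The PKCS#1 v1.5 unpadding is a constructed stand-in with no real RSA, and `EM_LEN`, the fallback bytes and the block contents are constructed values.

```c
#include <stdint.h>
#include <string.h>
#define PMS_LEN 48   /* TLS premaster secret: 2 version bytes + 46 random bytes */
#define EM_LEN  128  /* constructed 1024-bit block size for the stand-in below */
/* 0x00 or 0xFF from a 0/1 flag, with no data-dependent branch. */
static uint8_t ct_mask_from_flag(unsigned flag) { return (uint8_t)(0u - (flag & 1u)); }
/* out = mask ? a : b, byte by byte, without branching on the secret-derived mask. */
static void ct_select(uint8_t *out, const uint8_t *a, const uint8_t *b, size_t n, uint8_t mask) {
    for (size_t i = 0; i < n; i++) out[i] = (uint8_t)((a[i] & mask) | (b[i] & (uint8_t)~mask));
}
/* Constructed stand-in for "RSA-decrypt, then PKCS#1 v1.5 unpad" (no real RSA here): em is
   0x00 0x02 <nonzero pad> 0x00 <PMS_LEN bytes>. Scans the whole block with no early exit,
   always copies the trailing bytes into pms, and returns 1 only if the padding was valid. */
static unsigned unpad_pkcs1_v15(const uint8_t em[EM_LEN], uint8_t pms[PMS_LEN]) {
    const size_t sep = EM_LEN - PMS_LEN - 1;                /* position of the 0x00 separator */
    unsigned bad = em[0] | (em[1] ^ 0x02) | em[sep];
    for (size_t i = 2; i < sep; i++) bad |= (em[i] == 0);  /* pad bytes must be nonzero */
    memcpy(pms, em + sep + 1, PMS_LEN);
    return bad == 0;
}
/* Vulnerable shape: the early return makes the bad-padding path faster than the success
   path, which is the kind of timing difference the CVE description refers to. */
static int derive_pms_leaky(const uint8_t em[EM_LEN], uint8_t pms[PMS_LEN]) {
    uint8_t tmp[PMS_LEN];
    if (!unpad_pkcs1_v15(em, tmp)) return -1;               /* distinguishable path */
    memcpy(pms, tmp, PMS_LEN);
    return 0;
}
/* Hardened shape (RFC 5246 7.4.7.1 countermeasure): do the same work either way, then
   mask-select between the decrypted bytes and a pre-generated random fallback. Nothing
   here reveals whether padding was valid; a wrong guess only fails later at Finished. */
static int derive_pms_uniform(const uint8_t em[EM_LEN], const uint8_t fallback[PMS_LEN],
                              uint8_t pms[PMS_LEN]) {
    uint8_t tmp[PMS_LEN];
    uint8_t mask = ct_mask_from_flag(unpad_pkcs1_v15(em, tmp));
    ct_select(pms, tmp, fallback, PMS_LEN, mask);
    return 0;                                                /* identical on both paths */
}
/* Exercises both derivations on a constructed block; returns 0, or the first failing check. */
int rsa_psk_pms_selftest(void) {
    uint8_t em[EM_LEN], fb[PMS_LEN], out[PMS_LEN];
    memset(em, 0xA5, EM_LEN); em[0] = 0x00; em[1] = 0x02; em[EM_LEN - PMS_LEN - 1] = 0x00;
    for (size_t i = 0; i < PMS_LEN; i++) { em[EM_LEN - PMS_LEN + i] = (uint8_t)i; fb[i] = 0xEE; }
    if (derive_pms_leaky(em, out) != 0 || out[5] != 5) return 1;
    if (derive_pms_uniform(em, fb, out) != 0 || out[5] != 5) return 2;
    em[1] = 0x01;                                            /* corrupt the block-type byte */
    if (derive_pms_leaky(em, out) != -1) return 3;           /* error path is observable */
    if (derive_pms_uniform(em, fb, out) != 0 || out[5] != 0xEE) return 4; /* fallback selected */
    return 0;
}
```

In a real implementation the fallback must be fresh random bytes generated before decryption, and the comparison and loop operators here are only illustrative; a production build needs compiler-proof constant-time primitives.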

