It was found that GnuTLS#039;s implementation of HMAC-SHA-256 was vulnerable to Lucky Thirteen-style attack. A remote attacker could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets.It was found that GnuTLS#039;s implementation of HMAC-SHA-384 was vulnerable to a Lucky Thirteen-style attack. A remote attacker could use this flaw to conduct distinguishing attacks and plain text recovery attacks via statistical analysis of timing data using crafted packets.A cache-based side channel attack was found in the way GnuTLS implements CBC-mode cipher suites. An attacker could use a combination of quot;Just in Timequot; Prime+probe and Lucky-13 attacks to recover plain text in a cross-VM attack scenario.