SecurityTracker.com
SecurityTracker Archives

Category:   Application (VPN)  >  OpenSSL
Vendors:   OpenSSL.org
(Oracle Issues Fix for Oracle Linux) OpenSSL RSA Key Generation BN_mod_inverse() and BN_mod_exp_mont() Cache Timing Attack Lets Local Users Recover the Private Key
SecurityTracker Alert ID:  1042068
SecurityTracker URL:  http://securitytracker.com/id/1042068
CVE Reference:   CVE-2018-0737
Date:  Nov 12 2018
Impact:   Disclosure of authentication information
Fix Available:  Yes  Vendor Confirmed:  Yes  

Description:   A vulnerability was reported in OpenSSL. A local user who can observe the cache behaviour of a process while it generates an RSA key can recover the resulting private key.

RSA key generation calls BN_mod_inverse() and BN_mod_exp_mont() on values derived from the secret primes, and the code paths of those functions reached during key generation are not constant-time: the sequence of operations they execute depends on the operands. A local user who can conduct a cache timing side channel attack (for example from another process sharing the CPU) during the key generation process can therefore learn enough about those operands to recover the private key.
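The following Python is an added illustration of the leak class described above; it is not code from OpenSSL or from the advisory, and it does not measure real cache timing. The "trace" each function returns stands in for what a cache-probing attacker observes: which of two code paths ran at each step. The leaky variant is the textbook square-and-multiply that only multiplies when the current exponent bit is 1, so the trace spells out the exponent (in a Miller-Rabin primality test the exponent is derived from the candidate prime). The second variant models the constant-time path OpenSSL's fix switches key generation to: a Montgomery ladder with a mask-based conditional swap, whose trace is identical for every exponent of the same length. The modulus and exponents are constructed test values.

```python
"""Toy model of the CVE-2018-0737 leak class: operation traces of a
branchy modular exponentiation reveal the exponent; a ladder with
data-independent control flow does not. Python big ints stand in for
OpenSSL BIGNUMs; nothing here is constant-time at the machine level."""


def leaky_modexp(base: int, exp: int, mod: int):
    """Left-to-right square-and-multiply. Returns (result, trace), where
    trace records which branch ran at each step: 'S' square, 'M' multiply.
    The 'M' steps happen only for 1 bits, so the trace is the exponent."""
    result, trace = 1, []
    for bit in bin(exp)[2:]:            # most significant bit first
        result = result * result % mod
        trace.append("S")
        if bit == "1":                  # secret-dependent branch
            result = result * base % mod
            trace.append("M")
    return result, trace


def recover_exponent(trace) -> int:
    """Attacker side: every 'S' starts a new bit; an 'S' followed by 'M'
    is a 1, an 'S' followed by another 'S' (or by nothing) is a 0."""
    bits = []
    for i, op in enumerate(trace):
        if op == "S":
            one = i + 1 < len(trace) and trace[i + 1] == "M"
            bits.append("1" if one else "0")
    return int("".join(bits), 2)


def cswap(swap: int, a: int, b: int):
    """Swap a and b when swap == 1, using a mask instead of a branch."""
    mask = -swap                        # 0 or all-ones
    delta = (a ^ b) & mask
    return a ^ delta, b ^ delta


def ladder_modexp(base: int, exp: int, nbits: int, mod: int):
    """Montgomery ladder over a fixed number of bits: exactly one multiply
    and one square per bit, with the operand roles chosen by cswap rather
    than by control flow. Returns (result, trace); the trace depends only
    on nbits, never on the bits of exp. Invariant: r1 == r0 * base."""
    r0, r1, trace = 1, base % mod, []
    for i in range(nbits - 1, -1, -1):
        bit = (exp >> i) & 1
        r0, r1 = cswap(bit, r0, r1)
        r1 = r0 * r1 % mod
        r0 = r0 * r0 % mod
        r0, r1 = cswap(bit, r0, r1)
        trace.extend(["M", "S"])
    return r0, trace


# Constructed demo values: a 61-bit Mersenne prime modulus and two
# 64-bit exponents standing in for prime-derived secrets.
DEMO_MOD = 2**61 - 1
DEMO_EXP_A = 0xA5A5123456789ABC
DEMO_EXP_B = 0x8000000000000001


def demo():
    """Show the leak and its absence; returns the attacker's recovered
    exponent and whether the two ladder traces are indistinguishable."""
    result, trace = leaky_modexp(3, DEMO_EXP_A, DEMO_MOD)
    assert result == pow(3, DEMO_EXP_A, DEMO_MOD)
    recovered = recover_exponent(trace)
    _, trace_a = ladder_modexp(3, DEMO_EXP_A, 64, DEMO_MOD)
    _, trace_b = ladder_modexp(3, DEMO_EXP_B, 64, DEMO_MOD)
    return recovered, trace_a == trace_b


if __name__ == "__main__":
    rec, same = demo()
    print(f"leaky trace recovers exponent: {rec == DEMO_EXP_A}")
    print(f"ladder traces identical for different exponents: {same}")
```

The ladder's trace is constant, but a real constant-time implementation must also keep its memory access pattern (table lookups, operand lengths) independent of the secret; OpenSSL's constant-time paths handle that with fixed-width operands and cache-line-interleaved tables, which this toy does not model.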

The vendor was notified on April 4, 2018.

Alejandro Cabrera Aldaya, Billy Brumley, Cesar Pereida Garcia, and Luis Manuel Alvarez Tapia reported this vulnerability.

Impact:   A local user who can conduct a cache timing attack on the target system while an RSA key is being generated may be able to recover that private key. Updating the library protects only keys generated after the update; RSA keys generated earlier on a host shared with untrusted local users should be treated as potentially exposed and regenerated.
Solution:   Oracle has issued a fix. The fixed Oracle Linux 7 packages are openssl-1.0.2k-16.0.1.el7 and its subpackages; the fix is a backport, so the version string stays 1.0.2k and the release number (16.0.1.el7 or later) is what to check on an updated host.

The Oracle Linux advisory is available at:

http://linux.oracle.com/errata/ELSA-2018-3221.html

Vendor URL:  linux.oracle.com/errata/ELSA-2018-3221.html
Cause:   Side-channel information leak (cache timing in non-constant-time big-number code paths)
Underlying OS:  Linux (Oracle), Oracle Linux 7

Message History:   This archive entry is a follow-up to the message listed below.
Apr 16 2018 OpenSSL RSA Key Generation BN_mod_inverse() and BN_mod_exp_mont() Cache Timing Attack Lets Local Users Recover the Private Key



 Source Message Contents

Subject:  [El-errata] ELSA-2018-3221 Moderate: Oracle Linux 7 openssl security, bug fix, and enhancement update

Oracle Linux Security Advisory ELSA-2018-3221

http://linux.oracle.com/errata/ELSA-2018-3221.html

The following updated rpms for Oracle Linux 7 have been uploaded to the 
Unbreakable Linux Network:

x86_64:
openssl-1.0.2k-16.0.1.el7.x86_64.rpm
openssl-devel-1.0.2k-16.0.1.el7.i686.rpm
openssl-devel-1.0.2k-16.0.1.el7.x86_64.rpm
openssl-libs-1.0.2k-16.0.1.el7.i686.rpm
openssl-libs-1.0.2k-16.0.1.el7.x86_64.rpm
openssl-perl-1.0.2k-16.0.1.el7.x86_64.rpm
openssl-static-1.0.2k-16.0.1.el7.i686.rpm
openssl-static-1.0.2k-16.0.1.el7.x86_64.rpm


SRPMS:
http://oss.oracle.com/ol7/SRPMS-updates/openssl-1.0.2k-16.0.1.el7.src.rpm



Description of changes:

[1.0.2k-16.0.1]
- sha256 is used for the RSA pairwise consistency test instead of sha1

[1.0.2k-16]
- fix CVE-2018-0495 - ROHNP - Key Extraction Side Channel on DSA, ECDSA
- fix incorrect error message on FIPS DSA parameter generation (#1603597)

[1.0.2k-14]
- ppc64le is not multilib architecture (#1585004)

[1.0.2k-13]
- add S390x assembler updates
- make CA name list comparison function case sensitive (#1548401)
- fix CVE-2017-3735 - possible one byte overread with X.509 IPAddressFamily
- fix CVE-2018-0732 - large prime DH DoS of TLS client
- fix CVE-2018-0737 - RSA key generation cache timing vulnerability
- fix CVE-2018-0739 - stack overflow parsing recursive ASN.1 structure


_______________________________________________
El-errata mailing list
El-errata@oss.oracle.com
https://oss.oracle.com/mailman/listinfo/el-errata
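The check a practitioner wants after this erratum is whether every installed openssl package is at or above the fixed build listed in the advisory above (1.0.2k-16.0.1.el7). The following is an added example, not Oracle's or OpenSSL's code: it reimplements rpm's version ordering (the rpmvercmp segment comparison, without tilde/caret handling, which these versions do not use) so that it runs offline on constructed `rpm -qa 'openssl*'` output. Package epochs are stripped rather than compared, because the advisory lists none. On a real Oracle Linux 7 host, feed it the output of `rpm -qa 'openssl*'` instead of the sample.

```python
"""Audit installed openssl packages against the ELSA-2018-3221 build.
Added example; rpm version ordering is reimplemented so it runs offline."""
import re

# Fixed build from the advisory's rpm list; the fix is a backport, so the
# version stays 1.0.2k and the release carries the change.
FIXED_VERSION = "1.0.2k"
FIXED_RELEASE = "16.0.1.el7"

_SEGMENT = re.compile(r"[0-9]+|[A-Za-z]+")


def rpmvercmp(a: str, b: str) -> int:
    """Compare two version or release strings the way rpm does: split on
    non-alphanumerics into numeric and alphabetic segments; numeric
    segments compare as integers, alphabetic ones as strings, a numeric
    segment is newer than an alphabetic one, and whichever side still has
    segments left over is newer. Returns -1, 0 or 1."""
    if a == b:
        return 0
    seg_a, seg_b = _SEGMENT.findall(a), _SEGMENT.findall(b)
    for x, y in zip(seg_a, seg_b):
        if x.isdigit() and y.isdigit():
            if int(x) != int(y):
                return 1 if int(x) > int(y) else -1
        elif x.isdigit() != y.isdigit():
            return 1 if x.isdigit() else -1
        elif x != y:
            return 1 if x > y else -1
    if len(seg_a) == len(seg_b):
        return 0
    return 1 if len(seg_a) > len(seg_b) else -1


def parse_nevra(nevra: str):
    """Split 'name-[epoch:]version-release.arch' as printed by `rpm -q`
    into (name, version, release, arch). An epoch prefix such as '1:' or
    '(none):' is discarded; the advisory gives none to compare against."""
    body, arch = nevra.rsplit(".", 1)
    name, version, release = body.rsplit("-", 2)
    version = version.split(":")[-1]
    return name, version, release, arch


def is_fixed(nevra: str) -> bool:
    """True if the package's version-release is >= the advisory's build."""
    name, version, release, _arch = parse_nevra(nevra)
    if not name.startswith("openssl"):
        raise ValueError(f"not an openssl package: {nevra}")
    cmp = rpmvercmp(version, FIXED_VERSION)
    if cmp == 0:
        cmp = rpmvercmp(release, FIXED_RELEASE)
    return cmp >= 0


def audit(rpm_qa_output: str):
    """Map each package line of `rpm -qa 'openssl*'` output to True (fixed)
    or False (still carries CVE-2018-0737 per this erratum)."""
    return {line.strip(): is_fixed(line.strip())
            for line in rpm_qa_output.splitlines() if line.strip()}


# Constructed sample output from a notional, partially updated OL7 host.
SAMPLE_RPM_QA = """\
openssl-libs-1.0.2k-12.0.1.el7.x86_64
openssl-libs-1.0.2k-12.0.1.el7.i686
openssl-1.0.2k-12.0.1.el7.x86_64
openssl-devel-1.0.2k-16.0.1.el7.x86_64
"""

if __name__ == "__main__":
    for pkg, ok in audit(SAMPLE_RPM_QA).items():
        print(f"{'fixed     ' if ok else 'VULNERABLE'}  {pkg}")
```

A mixed result like the sample (openssl-devel updated, openssl-libs not) is the realistic failure mode: the shared library is what running services load, so openssl-libs is the package whose release number matters. The comparison is only against Oracle's build; a release string from another distribution's openssl-1.0.2k packaging is not comparable to it.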
 
 


Copyright 2019, SecurityGlobal.net LLC