CVE-2007-3108
Published: 7 August 2007
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
From the Ubuntu Security Team
It was discovered that OpenSSL did not correctly perform Montgomery multiplications. Local attackers might be able to reconstruct RSA private keys by examining another user's OpenSSL processes.
Priority
Status
Package | Release | Status |
---|---|---|
openssl Launchpad, Ubuntu, Debian |
dapper |
Released
(0.9.8a-7ubuntu0.4)
|
edgy |
Released
(0.9.8b-2ubuntu2.1)
|
|
feisty |
Released
(0.9.8c-4ubuntu0.1)
|
|
gutsy |
Released
(0.9.8e-5ubuntu2)
|
|
hardy |
Released
(0.9.8e-5ubuntu2)
|
|
intrepid |
Released
(0.9.8e-5ubuntu2)
|
|
jaunty |
Released
(0.9.8e-5ubuntu2)
|
|
karmic |
Released
(0.9.8e-5ubuntu2)
|
|
upstream |
Released
(0.9.8f)
|
|
openssl097 Launchpad, Ubuntu, Debian |
dapper |
Ignored
(end of life)
|
edgy |
Ignored
(end of life, was needed)
|
|
feisty |
Ignored
(end of life, was needed)
|
|
gutsy |
Does not exist
|
|
hardy |
Does not exist
|
|
intrepid |
Does not exist
|
|
jaunty |
Does not exist
|
|
karmic |
Does not exist
|
|
upstream |
Needs triage
|