CVE-2017-14737
Published: 26 September 2017
A cryptographic cache-based side channel in the RSA implementation in Botan before 1.10.17, and 1.11.x and 2.x before 2.3.0, allows a local attacker to recover information about RSA secret keys, as demonstrated by CacheD. This occurs because an array is indexed with bits derived from a secret key.
From the Ubuntu Security Team
It was discovered that Botan did not properly implement RSA. An attacker could possibly use this to perform a side-channel attack and recover information about RSA secret keys.
Priority
Status
| Package | Release | Status |
|---|---|---|
|
botan1.10 Launchpad, Ubuntu, Debian |
upstream |
Released
(1.10.5-1+deb7u4, 1.10.17-0.1)
|
| zesty |
Ignored
(end of life)
|
|
| artful |
Ignored
(end of life)
|
|
| bionic |
Not vulnerable
(1.10.17-0.1)
|
|
| cosmic |
Not vulnerable
(1.10.17-0.1)
|
|
| disco |
Does not exist
|
|
| eoan |
Does not exist
|
|
| focal |
Does not exist
|
|
| impish |
Does not exist
|
|
| groovy |
Does not exist
|
|
| hirsute |
Does not exist
|
|
| jammy |
Does not exist
|
|
| xenial |
Needed
|
|
| trusty |
Released
(1.10.5-1+deb7u1ubuntu0.14.04.1+esm1)
Available with Ubuntu Pro or Ubuntu Pro (Infra-only) |
Severity score breakdown
| Parameter | Value |
|---|---|
| Base score | 5.5 |
| Attack vector | Local |
| Attack complexity | Low |
| Privileges required | Low |
| User interaction | None |
| Scope | Unchanged |
| Confidentiality | High |
| Integrity impact | None |
| Availability impact | None |
| Vector | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |