CVE-2018-0495
Published: 13 June 2018
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
Priority
CVSS 3 base score: 4.7
Status
Package | Release | Status |
---|---|---|
libgcrypt11 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Does not exist
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Released
(1.5.3-2ubuntu4.6)
|
|
libgcrypt20 Launchpad, Ubuntu, Debian |
Upstream |
Released
(1.7.10,1.8.3)
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Released
(1.8.1-4ubuntu1.1)
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Released
(1.6.5-2ubuntu0.5)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was needed)
|
|
Patches: Upstream: https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=9010d1576e278a4274ad3f4aa15776c28f6ba965 |
||
nss Launchpad, Ubuntu, Debian |
Upstream |
Released
(3.38)
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Released
(2:3.35-2ubuntu2.1)
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Released
(2:3.28.4-0ubuntu0.16.04.4)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Released
(2:3.28.4-0ubuntu0.14.04.4)
|
|
Patches: Upstream: https://hg.mozilla.org/projects/nss/rev/ca18ca4ba00d |
||
openssl Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Released
(1.1.0g-2ubuntu4.1)
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Released
(1.0.2g-1ubuntu4.13)
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Released
(1.0.1f-1ubuntu2.26)
|
|
Patches: Upstream: https://git.openssl.org/?p=openssl.git;a=commit;h=949ff36623eafc3523a9f91784992965018ffb05 (1.0.2) Upstream: https://git.openssl.org/?p=openssl.git;a=commit;h=0c27d793745c7837b13646302b6890a556b7017a (1.1) |
||
openssl098 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Does not exist
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
(trusty was needs-triage)
|
|
openssl1.0 Launchpad, Ubuntu, Debian |
Upstream |
Needs triage
|
Ubuntu 18.04 LTS (Bionic Beaver) |
Released
(1.0.2n-1ubuntu5.1)
|
|
Ubuntu 16.04 LTS (Xenial Xerus) |
Does not exist
|
|
Ubuntu 14.04 ESM (Trusty Tahr) |
Does not exist
|
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0495
- https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
- https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000426.html
- https://usn.ubuntu.com/usn/usn-3689-1
- https://usn.ubuntu.com/usn/usn-3689-2
- https://usn.ubuntu.com/usn/usn-3692-1
- https://usn.ubuntu.com/usn/usn-3692-2
- https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/NSS_3.38_release_notes
- https://usn.ubuntu.com/usn/usn-3850-1
- https://usn.ubuntu.com/usn/usn-3850-2
- NVD
- Launchpad
- Debian