CVE-2018-0735

Published: 29 October 2018

The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).

Notes

Author	Note
mdeslaur	this may be introduced by the fix for CVE-2018-5407

Priority

CVSS 3 base score: 5.9

Status

Package	Release	Status
openssl Launchpad, Ubuntu, Debian	bionic	Released (1.1.0g-2ubuntu4.3)
	cosmic	Released (1.1.1-1ubuntu2.1)
	disco	Released (1.1.1a-1ubuntu2)
	eoan	Released (1.1.1a-1ubuntu2)
	focal	Released (1.1.1a-1ubuntu2)
	groovy	Released (1.1.1a-1ubuntu2)
	hirsute	Released (1.1.1a-1ubuntu2)
	precise	Ignored (end of ESM support, was needs-triage)
	trusty	Not vulnerable (1.0.1f-1ubuntu2.26)
	upstream	Needs triage
	xenial	Not vulnerable (1.0.2g-1ubuntu4.13)
	Patches: upstream: https://git.openssl.org/?p=openssl.git;a=commit;h=b1d6d55ece1c26fa2829e2b819b038d7b6d692b4 (1.1.1) upstream: https://git.openssl.org/?p=openssl.git;a=commit;h=56fb454d281a023b3f950d969693553d3f3ceea1 (1.1.0) upstream: https://git.openssl.org/?p=openssl.git;a=commit;h=003f1bfd185267cc67ac9dc521a27d7a2af0d0ee (1.1.0)
openssl098 Launchpad, Ubuntu, Debian	bionic	Does not exist
	cosmic	Does not exist
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	precise	Does not exist
	trusty	Does not exist (trusty was needs-triage)
	upstream	Needs triage
	xenial	Does not exist
openssl1.0 Launchpad, Ubuntu, Debian	bionic	Not vulnerable (1.0.2n-1ubuntu5.1)
	cosmic	Not vulnerable (1.0.2n-1ubuntu6)
	disco	Does not exist
	eoan	Does not exist
	focal	Does not exist
	groovy	Does not exist
	hirsute	Does not exist
	precise	Does not exist
	trusty	Does not exist
	upstream	Needs triage
	xenial	Does not exist

CVE-2018-0735

Notes

Low

Status

References

Join the discussion

Canonical is offering Extended Security Maintenance

Further reading