CVE-2018-12435

Published: 15 June 2018

Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ec_group/ec_group.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

Notes

Author	Note
msalvatore	From the release notes, "versions before 2.5.0 are not affected"

Priority

Cvss 3 Severity Score

5.9

Score breakdown

Status

Package	Release	Status
botan Launchpad, Ubuntu, Debian	artful	Does not exist
	bionic	Not vulnerable (code not present)
	cosmic	Not vulnerable (2.6.0-3)
	disco	Not vulnerable (2.6.0-3)
	eoan	Not vulnerable (2.6.0-3)
	trusty	Does not exist
	upstream	Released (2.6.0-3)
	xenial	Does not exist
	Patches: upstream: https://github.com/randombit/botan/commit/48fc8df51d99f9d8ba251219367b3d629cc848e3
botan1.10 Launchpad, Ubuntu, Debian	artful	Ignored (reached end-of-life)
	bionic	Not vulnerable (code not present)
	cosmic	Ignored (reached end-of-life)
	disco	Does not exist
	eoan	Does not exist
	trusty	Not vulnerable (code not present)
	upstream	Not vulnerable (debian: Issue introduced in 2.5.0)
	xenial	Not vulnerable (code not present)

Severity score breakdown

Parameter	Value
Base score	5.9
Attack vector	Local
Attack complexity	High
Privileges required	None
User interaction	None
Scope	Changed
Confidentiality	High
Integrity impact	None
Availability impact	None
Vector	CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N

References

Bugs

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=901619

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›