Описание
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 0.9.8a-7ubuntu0.4 |
| devel | released | 0.9.8e-5ubuntu2 |
| edgy | released | 0.9.8b-2ubuntu2.1 |
| feisty | released | 0.9.8c-4ubuntu0.1 |
| gutsy | released | 0.9.8e-5ubuntu2 |
| hardy | released | 0.9.8e-5ubuntu2 |
| intrepid | released | 0.9.8e-5ubuntu2 |
| jaunty | released | 0.9.8e-5ubuntu2 |
| karmic | released | 0.9.8e-5ubuntu2 |
| upstream | released | 0.9.8f |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | DNE | |
| edgy | ignored | end of life, was needed |
| feisty | ignored | end of life, was needed |
| gutsy | DNE | |
| hardy | DNE | |
| intrepid | DNE | |
| jaunty | DNE | |
| karmic | DNE | |
| upstream | needs-triage |
Показывать по
EPSS
1.2 Low
CVSS2
Связанные уязвимости
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9. ...
The BN_from_montgomery function in crypto/bn/bn_mont.c in OpenSSL 0.9.8e and earlier does not properly perform Montgomery multiplication, which might allow local users to conduct a side-channel attack and retrieve RSA private keys.
ELSA-2007-0964: Important: openssl security update (IMPORTANT)
EPSS
1.2 Low
CVSS2