Description
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.
| Release | Status | Note |
|---|---|---|
| devel | released | 1.0.1f-1ubuntu2 |
| lucid | not-affected | code not present |
| precise | released | 1.0.1-4ubuntu5.12 |
| quantal | released | 1.0.1c-3ubuntu2.7 |
| saucy | released | 1.0.1e-3ubuntu1.2 |
| upstream | needs-triage | |
| Release | Status | Note |
|---|---|---|
| devel | not-affected | code not present |
| lucid | DNE | |
| precise | not-affected | code not present |
| quantal | not-affected | code not present |
| saucy | not-affected | code not present |
| upstream | needs-triage | |
EPSS
1.9 Low
CVSS2
Related vulnerabilities
A vulnerability in Cisco Unified Communications Manager software that allows an attacker to obtain an ECDSA nonce