Описание
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.1.0g-2ubuntu4.3 |
| cosmic | released | 1.1.1-1ubuntu2.1 |
| devel | released | 1.1.1a-1ubuntu2 |
| disco | released | 1.1.1a-1ubuntu2 |
| eoan | released | 1.1.1a-1ubuntu2 |
| esm-infra-legacy/trusty | not-affected | 1.0.1f-1ubuntu2.27 |
| esm-infra/bionic | not-affected | 1.1.0g-2ubuntu4.3 |
| esm-infra/focal | not-affected | 1.1.1a-1ubuntu2 |
| esm-infra/xenial | not-affected | 1.0.2g-1ubuntu4.14 |
| focal | released | 1.1.1a-1ubuntu2 |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | DNE | |
| cosmic | DNE | |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was needs-triage] |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE | |
| hirsute | DNE |
Показывать по
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | released | 1.0.2n-1ubuntu5.2 |
| cosmic | released | 1.0.2n-1ubuntu6.1 |
| devel | DNE | |
| disco | DNE | |
| eoan | DNE | |
| esm-infra-legacy/trusty | DNE | |
| esm-infra/bionic | not-affected | 1.0.2n-1ubuntu5.2 |
| esm-infra/focal | DNE | |
| focal | DNE | |
| groovy | DNE |
Показывать по
EPSS
4.3 Medium
CVSS2
5.9 Medium
CVSS3
Связанные уязвимости
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
The OpenSSL DSA signature algorithm has been shown to be vulnerable to ...
The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.0.2q (Affected 1.0.2-1.0.2p).
EPSS
4.3 Medium
CVSS2
5.9 Medium
CVSS3