Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2018-0737

Опубликовано: 16 апр. 2018
Источник: ubuntu
Приоритет: low
EPSS Средний
CVSS2: 4.3
CVSS3: 5.9

Описание

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).

РелизСтатусПримечание
artful

released

1.0.2g-1ubuntu13.6
bionic

released

1.1.0g-2ubuntu4.1
cosmic

released

1.1.0g-2ubuntu5
devel

released

1.1.0g-2ubuntu5
disco

released

1.1.0g-2ubuntu5
esm-infra-legacy/trusty

released

1.0.1f-1ubuntu2.26
esm-infra/bionic

released

1.1.0g-2ubuntu4.1
esm-infra/xenial

released

1.0.2g-1ubuntu4.13
precise/esm

not-affected

1.0.1-4ubuntu5.41
trusty

released

1.0.1f-1ubuntu2.26

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needs-triage]
precise/esm

DNE

trusty

ignored

end of standard support
trusty/esm

DNE

trusty was needs-triage
upstream

needs-triage

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

released

1.0.2n-1ubuntu5.1
cosmic

released

1.0.2n-1ubuntu6
devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

esm-infra/bionic

released

1.0.2n-1ubuntu5.1
precise/esm

DNE

trusty

DNE

trusty/esm

DNE

Показывать по

Ссылки на источники

EPSS

Процентиль: 96%
0.26735
Средний

4.3 Medium

CVSS2

5.9 Medium

CVSS3

Связанные уязвимости

redhat логотип

CVE-2018-0737

CVSS3: 3.3
redhat
больше 7 лет назад

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).

nvd логотип

CVE-2018-0737

CVSS3: 5.9
nvd
больше 7 лет назад

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).

debian логотип

CVE-2018-0737

CVSS3: 5.9
debian
больше 7 лет назад

The OpenSSL RSA Key generation algorithm has been shown to be vulnerab ...

suse-cvrf логотип

openSUSE-SU-2019:0152-1

suse-cvrf
больше 6 лет назад

Security update for openssl-1_1

suse-cvrf логотип

openSUSE-SU-2018:2957-1

suse-cvrf
около 7 лет назад

Security update for openssl

EPSS

Процентиль: 96%
0.26735
Средний

4.3 Medium

CVSS2

5.9 Medium

CVSS3