CVE-2014-0076 — Openssl vulnerability

CWE-31014 documents11 sources

Severity

1.9LOWNVD

EPSS

0.4%

top 39.58%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openssl Debian Openssl Cisco Products

Timeline

PublishedMar 25

Latest updateFeb 16

Description

The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.

CVSS vector

AV:L/AC:M/C:P/I:N/A:NExploitability: 3.4 | Impact: 2.9

Affected Packages4 packages

▶debiandebian/openssl< openssl 1.0.1g-1 (bookworm)

▶Debianopenssl/openssl< 1.0.1g-1+3

▶NVDopenssl/openssl1.0.0l+73

▶ciscocisco/products

🔴Vulnerability Details

GHSA

GHSA-h7hf-9wc6-h849: The Montgomery ladder implementation in OpenSSL through 1↗2022-05-17

▶

OSV

CVE-2014-0076: The Montgomery ladder implementation in OpenSSL through 1↗2014-03-25

▶

📋Vendor Advisories

CISA ICS

Rockwell Automation Stratix 5900↗2017-05-10

▶

Cisco

Multiple Vulnerabilities in OpenSSL Affecting Cisco Products↗2014-06-05

▶

BSD

FreeBSD-SA-14:06.openssl: OpenSSL multiple vulnerabilities↗2014-04-08

▶

Ubuntu

OpenSSL vulnerabilities↗2014-04-07

▶

Red Hat

openssl: ECDSA nonces susceptible to Yarom/Benger flush+reload cache side-channel attack↗2014-02-14

▶

📄Research Papers

arXiv

VulRG: Multi-Level Explainable Vulnerability Patch Ranking for Complex Systems Using Graphs↗2025-02-16

▶

arXiv

Cache Refinement Type for Side-Channel Detection of Cryptographic Software↗2022-10-19

▶

💬Community

Bugzilla

CVE-2014-0076 openssl: OpenSSL Elliptic Curve Digital Signature Algorithm (ECDSA) nonces susceptible to Yarom/Benger flush+reload cache side-channel attack [fedora-all]↗2014-03-25

▶

Bugzilla

CVE-2014-0076 openssl: ECDSA nonces susceptible to Yarom/Benger flush+reload cache side-channel attack↗2014-03-25

▶