CVE-2016-0702Sensitive Information Exposure in Openssl

CWE-200Sensitive Information ExposureCWE-119Improper Restriction of Operations within the Bounds of a Memory BufferCWE-310CWE-39913 documents11 sources
Severity
5.1MEDIUMNVD
EPSS
0.5%
top 35.83%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
OpensslNodejs Node.jsCanonical Ubuntu Linux+1 more
Timeline
PublishedMar 3
Latest updateMay 14

Description

The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a "CacheBleed" attack.

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 1.4 | Impact: 3.6

Affected Packages4 packages

Debianopenssl/openssl< 1.0.2g-1+3
Ubuntuopenssl/openssl< 1.0.1f-1ubuntu2.18
NVDopenssl/openssl26 versions+25
NVDnodejs/node.js4.2.04.3.2+2

Also affects: Debian Linux 7.0, 8.0, Ubuntu Linux 12.04, 14.04, 15.10

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

4
GHSA
GHSA-q7xg-gmg7-59f4: The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp2022-05-14
OSV
CVE-2016-0702: The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp2016-03-03
CVEList
CVE-2016-0702: The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp2016-03-03
OSV
openssl vulnerabilities2016-03-01

📋Vendor Advisories

7
Apple
CVE-2016-0702: macOS Mojave 10.142018-09-24
Apple
CVE-2016-0702: Xcode 8.12016-10-27
BSD
FreeBSD-SA-16:12.openssl: Multiple OpenSSL vulnerabilities2016-03-10
Cisco
Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 20162016-03-02
Ubuntu
OpenSSL vulnerabilities2016-03-01

💬Community

1
Bugzilla
CVE-2016-0702 OpenSSL: Side channel attack on modular exponentiation2016-02-22
CVE-2016-0702 — Sensitive Information Exposure | cvebase