CVE-2016-0702
published 2016-03-03CVE-2016-0702: The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank…
medium5.1CVSS 3.1
AVLACHPRNUINSUCHINAN
The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a "CacheBleed" attack.
Affected
42 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos_mojave | — | — |
| apple | xcode | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | openssl | < openssl 1.0.2g-1 (bookworm) | openssl 1.0.2g-1 (bookworm) |
| nodejs | node.js | 4.0.0 – 4.1.2 | — |
| nodejs | node.js | >= 4.2.0 < 4.3.2 | 4.3.2 |
| nodejs | node.js | >= 5.0.0 < 5.7.1 | 5.7.1 |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
| openssl | openssl | — | — |
CVSS provenance
nvdv3.15.1MEDIUMCVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
osv5.1MEDIUM