CVE-2018-12437
Published 2018-06-15
Priority: P4 (18) · Severity: medium · CVSS 3.1 base score: 4.9
CVSS vector: AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
EPSS: 0.54% (41.3th percentile)
LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| atrodo | net | < 0.14 | 0.14 |
| debian | libtomcrypt | < libtomcrypt 1.18.2-1 (bookworm) | libtomcrypt 1.18.2-1 (bookworm) |
| libtom | libtomcrypt | <= 1.18.1 | — |
| libtomcrypt | libtomcrypt | >= 0 < 1.18.2-1 | 1.18.2-1 |
| libtomcrypt | libtomcrypt | >= 0 < 1.18.2-1 | 1.18.2-1 |
| libtomcrypt | libtomcrypt | >= 0 < 1.18.2-1 | 1.18.2-1 |
| libtomcrypt | libtomcrypt | >= 0 < 1.18.2-1 | 1.18.2-1 |
| silverstripe | graphql | >= 2.0.0 < 2.0.5 | 2.0.5 |
| silverstripe | graphql | >= 3.1.0 < 3.1.2 | 3.1.2 |
| trustedfirmware | op-tee | <= 3.5.0 | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 4.9 | MEDIUM | CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N |
| nvd | v2.0 | 1.9 | LOW | AV:L/AC:M/Au:N/C:P/I:N/A:N |
| osv | — | 4.9 | MEDIUM | — |
| vendor_debian | — | 4.9 | LOW | — |
| vendor_redhat | — | 4.7 | MEDIUM | — |
Red Hat
libtomcrypt: memory-cache side-channel attack on ECDSA signatures
vendor_redhat · 2018-06-13 · CVSS 4.7 · MEDIUM · CWE-385
Statement: This flaw was found to be a duplicate of CVE-2018-0495. Please see https://access.redhat.com/security/cve/CVE-2018-0495 for information about affected products and security errata.
Package: libtomcrypt (CloudForms Management Engine 5) - Not affected
Package: libtomcrypt (Red Hat Ansible Engine 2) - Not affected
Package: libtomcrypt (Red Hat Enterprise Linux 7) - Not affected
Debian
CVE-2018-12437: libtomcrypt
vendor_debian · 2018 · CVSS 4.9 · MEDIUM
Scope: local
bookworm: resolved (fixed in 1.18.2-1)
bullseye: resolved (fixed in 1.18.2-1)
forky: resolved (fixed in 1.18.2-1)
sid: resolved (fixed in 1.18.2-1)
trixie: resolved (fixed in 1.18.2-1)
GHSA
GHSA-fwph-xhj4-v8r5: Net::Dropbear (CVE-2025-15638)
ghsa_unreviewed · 2026-04-21 · CVSS 7.5 · HIGH
Net::Dropbear versions before 0.14 for Perl contains a vulnerable version of libtomcrypt.
Net::Dropbear versions before 0.14 includes versions of Dropbear 2019.78 or earlier. These include versions of libtomcrypt v1.18.1 or earlier, which is affected by CVE-2016-6129 and CVE-2018-12437.
GHSA
Silverstripe CSRF Protection Bypass via GraphQL (CVE-2019-12437)
ghsa · 2022-05-24 · HIGH · CWE-352
In SilverStripe/GraphQL prior to 2.0.5 and 3.1.2, the previous fix for SS-2018-007 does not completely mitigate the risk of CSRF in GraphQL mutations.
OSV
CVE-2018-12437: LibTomCrypt
osv · 2018-06-15 · CVSS 4.9 · MEDIUM
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-0495 CVE-2018-12437 libtomcrypt: various flaws [epel-all]
bugzilla · 2018-06-15 · CVSS 4.7 · MEDIUM
This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of epel-all.
For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field.
For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora EP
Bugzilla
CVE-2018-12437 libtomcrypt: memory-cache side-channel attack on ECDSA signatures
bugzilla · 2018-06-15 · CVSS 4.7 · MEDIUM
References:
https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
Discussion:
Created libtomcrypt tracking bugs for this issue:
Affects: epel-all [bug 1591906]
Affects: fedora-all [bug 1591905]
---
*** This bug has been marked as a duplicate of bug 1591163 ***
---
Statement:
This flaw was found to be a duplicate of CVE-2018-0495. Please see https://access.redhat.com/security/cve
Bugzilla
CVE-2018-0495 CVE-2018-12437 libtomcrypt: various flaws [fedora-all]
bugzilla · 2018-06-15 · CVSS 4.7 · MEDIUM
This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of fedora-all.
For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field.
For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedor