CVE-2023-49092 — Covert Timing Channel in RSA

CWE-385 — Covert Timing Channel CWE-203 — Observable Discrepancy7 documents4 sources

Severity

5.9MEDIUMNVD

EPSS

0.7%

top 27.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Rustcrypto RSA Debian Rust-rsa

Timeline

PublishedNov 28

Description

RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-constant-time implementation, information about the private key is leaked through timing information which is observable over the network. An attacker may be able to use that information to recover the key. There is currently no fix available. As a workaround, avoid using the RSA crate in settings where attackers are able to observe timing information, e.g. local use on a non-compromised computer.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages3 packages

▶CVEListV5rustcrypto/rsa0.9.5

▶crates.iorustcrypto/rsa0.9.6+1

▶debiandebian/rust-rsa

🔴Vulnerability Details

OSV

CVE-2023-49092: RustCrypto/RSA is a portable RSA implementation in pure Rust↗2023-11-28

▶

OSV

Marvin Attack: potential key recovery through timing sidechannels↗2023-11-28

▶

OSV

Marvin Attack: potential key recovery through timing sidechannels↗2023-11-28

▶

GHSA

Marvin Attack: potential key recovery through timing sidechannels↗2023-11-28

▶

OSV

Marvin Attack: potential key recovery through timing sidechannels↗2023-11-22

▶

📋Vendor Advisories

Debian

CVE-2023-49092: rust-rsa - RustCrypto/RSA is a portable RSA implementation in pure Rust. Due to a non-const...↗2023

▶