CVE-2025-27587 — Covert Timing Channel in Openssl

CWE-385 — Covert Timing Channel5 documents5 sources

Severity

5.3MEDIUMNVD

EPSS

0.2%

top 54.87%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openssl Debian Openssl

Timeline

PublishedJun 16

Latest updateOct 15

Description

OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Minerva attack, exploitable by measuring the time of signing of random messages using the EVP_DigestSign API, and then using the private key to extract the K value (nonce) from the signatures. Next, based on the bit size of the extracted nonce, one can compare the signing time of full-sized nonces to signatures that used smaller nonces, via statistical tests. There is a side-channel in the P-364 curve that allows private …

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:NExploitability: 1.6 | Impact: 3.6

Affected Packages2 packages

▶debiandebian/openssl< openssl 3.5.0-1 (forky)

▶Debianopenssl/openssl< 3.5.0-1+1

🔴Vulnerability Details

GHSA

GHSA-jqr3-3jm7-r6cm: OpenSSL 3↗2025-06-17

▶

OSV

CVE-2025-27587: OpenSSL 3↗2025-06-16

▶

📋Vendor Advisories

Oracle

Oracle Oracle Communications Risk Matrix: Configuration (OpenSSL) — CVE-2025-27587↗2025-10-15

▶

Debian

CVE-2025-27587: openssl - OpenSSL 3.0.0 through 3.3.2 on the PowerPC architecture is vulnerable to a Miner...↗2025

▶