Vulnerability Description
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.
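A Montgomery ladder conditionally swaps its two working values on each bit of the scalar, which in ECDSA signing is the nonce. The following is an added illustration, not OpenSSL's code: the function names and the 4-limb operand size are assumptions. It contrasts a swap that branches on the secret bit with a masked swap that executes the same instructions and touches the same memory for either bit value.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define LIMBS 4 /* constructed operand size: 4 x 64-bit limbs */

/* Not constant time: the loop body runs only when bit == 1, so the code
 * and data cache lines touched depend on the secret bit. */
static void swap_branching(uint64_t *a, uint64_t *b, uint64_t bit)
{
    if (bit) {
        for (size_t i = 0; i < LIMBS; i++) {
            uint64_t t = a[i]; a[i] = b[i]; b[i] = t;
        }
    }
}

/* Constant-time form: every limb is read and written for both bit values;
 * the mask decides whether the XOR difference is applied.
 * Compilers can reintroduce branches, so check the generated assembly. */
static void swap_masked(uint64_t *a, uint64_t *b, uint64_t bit)
{
    uint64_t mask = (uint64_t)0 - (bit & 1); /* 0 or all ones */
    for (size_t i = 0; i < LIMBS; i++) {
        uint64_t t = (a[i] ^ b[i]) & mask;
        a[i] ^= t;
        b[i] ^= t;
    }
}

/* Returns 1 when both variants give the same result for this bit. */
static int swaps_agree(uint64_t bit)
{
    uint64_t a1[LIMBS] = {1, 2, 3, 4}, b1[LIMBS] = {5, 6, 7, 8};
    uint64_t a2[LIMBS] = {1, 2, 3, 4}, b2[LIMBS] = {5, 6, 7, 8};
    swap_branching(a1, b1, bit);
    swap_masked(a2, b2, bit);
    for (size_t i = 0; i < LIMBS; i++)
        if (a1[i] != a2[i] || b1[i] != b2[i]) return 0;
    return 1;
}

int main(void)
{
    printf("bit=0 agree: %d, bit=1 agree: %d\n", swaps_agree(0), swaps_agree(1));
    return 0;
}
```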
CVSS Score
LOW
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| OpenSSL | OpenSSL | <= 1.0.0l |
Related Weaknesses (CWE)
References
- http://advisories.mageia.org/MGASA-2014-0165.html
- http://eprint.iacr.org/2014/140
- http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2198be3483259de374f9
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629
- http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
- http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html
- http://marc.info/?l=bugtraq&m=140266410314613&w=2
- http://marc.info/?l=bugtraq&m=140317760000786&w=2
- http://marc.info/?l=bugtraq&m=140389274407904&w=2
- http://marc.info/?l=bugtraq&m=140389355508263&w=2
- http://marc.info/?l=bugtraq&m=140448122410568&w=2
- http://marc.info/?l=bugtraq&m=140482916501310&w=2
- http://marc.info/?l=bugtraq&m=140621259019789&w=2
- http://marc.info/?l=bugtraq&m=140752315422991&w=2
- http://marc.info/?l=bugtraq&m=140904544427729&w=2
FAQ
What is CVE-2014-0076?
CVE-2014-0076 is a vulnerability with a CVSS score of 1.9 (LOW). The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces ...
How severe is CVE-2014-0076?
CVE-2014-0076 has been rated LOW with a CVSS base score of 1.9/10. Review the CVSS metrics above for a detailed severity breakdown.
Is there a patch for CVE-2014-0076?
Check the references section above for vendor advisories and patch information. Affected products include: OpenSSL OpenSSL.