Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Related Vulnerabilities: CVE-2018-0737  

A cache-timing side channel attack in the RSA key generation algorithm has been found in OpenSSL <= 1.1.0h and <= 1.0.2o. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key.

Source
Severity Low

Remote No

Type Private key recovery

Description 

A cache-timing side channel attack in the RSA key generation algorithm has been found in OpenSSL <= 1.1.0h and <= 1.0.2o. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key.

AVG-677 openssl-1.0 1.0.2.o-1 1.0.2.p-1 Low Fixed

AVG-676 lib32-openssl-1.0 1.0.2.o-1 1.0.2.p-1 Low Fixed

AVG-675 lib32-openssl 1:1.1.0.h-1 1:1.1.0.i-1 Low Fixed

AVG-674 openssl 1.1.0.h-1 1.1.0.i-1 Low Fixed 

https://www.openssl.org/news/secadv/20180416.txt
https://github.com/openssl/openssl/commit/6939eab03a6e23d2bd2c3f5e34fe1d48e542e787
https://github.com/openssl/openssl/commit/349a41da1ad88ad87825414752a8ff5fdd6a6c3f

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started