The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 prior to 1.0.1s and 1.0.2 prior to 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a "CacheBleed" attack.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openssl openssl 1.0.1m |
||
openssl openssl 1.0.2a |
||
openssl openssl 1.0.1j |
||
openssl openssl 1.0.1 |
||
openssl openssl 1.0.1h |
||
openssl openssl 1.0.2e |
||
openssl openssl 1.0.1r |
||
openssl openssl 1.0.2b |
||
openssl openssl 1.0.1c |
||
openssl openssl 1.0.1g |
||
openssl openssl 1.0.1a |
||
openssl openssl 1.0.1d |
||
openssl openssl 1.0.2c |
||
openssl openssl 1.0.2 |
||
openssl openssl 1.0.1p |
||
openssl openssl 1.0.1k |
||
openssl openssl 1.0.1b |
||
openssl openssl 1.0.1n |
||
openssl openssl 1.0.1q |
||
openssl openssl 1.0.1e |
||
openssl openssl 1.0.1l |
||
openssl openssl 1.0.1f |
||
openssl openssl 1.0.1o |
||
openssl openssl 1.0.2f |
||
openssl openssl 1.0.1i |
||
openssl openssl 1.0.2d |
||
nodejs node.js |
||
debian debian linux 8.0 |
||
debian debian linux 7.0 |
||
canonical ubuntu linux 15.10 |
||
canonical ubuntu linux 14.04 |
||
canonical ubuntu linux 12.04 |