LibreSSL prior to 2.6.5 and 2.7.x prior to 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
openbsd libressl 2.7.2 |
||
openbsd libressl 2.7.1 |
||
openbsd libressl 2.7.0 |
||
openbsd libressl |
||
openbsd libressl 2.7.3 |