PT-2014-1312 · Openssl+5

Published: 2014-03-25 · Updated: 2024-06-15 · CVE-2014-0076

CVSS v2.0: 1.9 (Low)
Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N
Name of the Vulnerable Software and Affected Versions: OpenSSL versions 1.0.0 through 1.0.0l; OpenSSL versions prior to 1.0.1g

Description: The Montgomery ladder implementation in OpenSSL does not ensure constant-time behavior for certain swap operations, making it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack. Multiple vulnerabilities in the OpenSSL package can lead to confidentiality breaches, and exploitation can be done remotely.

Recommendations: For OpenSSL versions 1.0.0 through 1.0.0l, update to a version with a fixed Montgomery ladder implementation. For OpenSSL versions prior to 1.0.1g, update to version 1.0.1g or later to address the vulnerabilities. As a temporary workaround, consider restricting access to sensitive operations that rely on the Montgomery ladder implementation until a patch is available.


Related Identifiers

ALT-PU-2014-1451
BDU:2015-00130
BDU:2015-00131
BDU:2015-09760
CVE-2014-0076
DLA-0003-1
DSA-2908-1
HPSBUX03046
MGASA-2014-0165
OPENSUSE-SU-2016_0640-1
OPENSUSE-SU-2024:10271-1
OPENSUSE-SU-2024:10529-1
OPENSUSE-SU-2024:11127-1
SUSE-FU-2022:0445-1
SUSE-SU-2014_0538-1
SUSE-SU-2014_0539-1
SUSE-SU-2014_0541-1
SUSE-SU-2014_0761-1
SUSE-SU-2015:0545-1
SUSE-SU-2015:0545-2
SUSE-SU-2015:1182-1
SUSE-SU-2015:1182-2
SUSE-SU-2015:1184-1
SUSE-SU-2015:1184-2
SUSE-SU-403

Affected Products

Alt Linux
Hp-Ux
Huawei Vrp
Junos
Openssl
Suse