Bug 688564 (CVE-2019-12904) - dev-libs/libgcrypt: Possible side channel attack for PPC: C implementation of AES is vulnerable to side-channel attacks
Summary: dev-libs/libgcrypt: Possible side channel attack for PPC: C implementation of...
Status: RESOLVED INVALID
Alias: CVE-2019-12904
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal normal
Assignee: Gentoo Security
URL: https://dev.gnupg.org/T4541
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-06-23 20:56 UTC by Kristian Fiskerstrand (RETIRED)
Modified: 2020-06-24 15:42 UTC
CC List: 2 users

See Also:
Package list:
Runtime testing required: ---
Description Kristian Fiskerstrand (RETIRED) gentoo-dev 2019-06-23 20:56:02 UTC
From URL (https://dev.gnupg.org/T4541):

While working on PowerPC support (D490 D491 D492 D493) I noticed that the C implementation of AES is vulnerable to side-channel attacks. (described below)

My patches are not vulnerable to this, but users of libgcrypt on PowerPC *before* my patches are.

--

Following upstream development, question from WK:
"Andreas, I wonder on which grounds you assigned a CVE for this claimed side-channel attack. The mentioned paper is about an old RSA side-channel and not on AES. I would like to see more facts than the reference to a guy who knows PPC pretty well."

(FWIW, Andreas didn't assign the CVE.)
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2020-06-24 04:16:12 UTC
Upstream closed as wontfix:

"As of now we doubt that the proposed patch helps and we even fear that it could make things worse. Thus, as long as we have no description of an attack we won't do anything about it."
Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2020-06-24 15:42:32 UTC
(In reply to John Helmert III (ajak) from comment #1)
> Upstream closed as wontfix:
> 
> "As of now we doubt that the proposed patch helps and we even fear that it
> could make things worse. Thus, as long as we have no description of
> an attack we won't do anything about it."

Let's do that then.