Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 623006 (CVE-2017-7526)

Summary: <dev-libs/libgcrypt-1.7.8: flush+reload side-channel attack on RSA secret keys: "Sliding right into disaster".
Product: Gentoo Security Reporter: Kristian Fiskerstrand (RETIRED) <k_f>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: normal CC: bertrand, crypto+disabled, k_f
Priority: Normal Flags: stable-bot: sanity-check+
Version: unspecified   
Hardware: All   
OS: Linux   
URL: https://lists.gnupg.org/pipermail/gnupg-announce/2017q2/000408.html
Whiteboard: B3 [noglsa cve]
Package list:
dev-libs/libgcrypt-1.7.8
 Runtime testing required: ---
Bug Depends on: 629160    
Bug Blocks: 621218    

Description Kristian Fiskerstrand (RETIRED) gentoo-dev 2017-06-29 07:50:01 UTC 
Noteworthy changes in version 1.7.8 (2017-06-29)  [C21/A1/R8]
===================================

 * Bug fixes:

   - Mitigate a flush+reload side-channel attack on RSA secret keys
     dubbed "Sliding right into disaster".  For details see
     <https://eprint.iacr.org/2017/627>.  [CVE-2017-7526]


Note that this side-channel attack requires that the attacker can run
arbitrary software on the hardware where the private RSA key is used.
Allowing execute access to a box with private keys should be considered
as a game over condition, anyway.  Thus in practice there are easier
ways to access the private keys than to mount this side-channel attack.
However, on boxes with virtual machines this attack may be used by one
VM to steal private keys from another VM.
Comment 1 Kristian Fiskerstrand (RETIRED) gentoo-dev 2017-06-29 07:58:25 UTC 
commit 314d755d0e145799cf1771744df9f08932432b6d (HEAD -> master)
Author: Kristian Fiskerstrand <k_f@gentoo.org>
Date:   Thu Jun 29 09:55:32 2017 +0200

    dev-libs/libgcrypt: New upstream version 1.7.8
    
    Package-Manager: Portage-2.3.6, Repoman-2.3.1
Comment 2 Stabilization helper bot gentoo-dev 2017-06-29 08:01:55 UTC 
An automated check of this bug failed - the following atom is unknown:

dev-libs/libgcrypt-1.7.8

Please verify the atom list.
Comment 3 Agostino Sarubbo gentoo-dev 2017-06-30 08:32:31 UTC 
amd64 stable
Comment 4 Sergei Trofimovich (RETIRED) gentoo-dev 2017-06-30 11:12:31 UTC 
ia64 stable
Comment 5 Agostino Sarubbo gentoo-dev 2017-06-30 11:14:34 UTC 
x86 stable
Comment 6 Markus Meier gentoo-dev 2017-07-07 06:19:33 UTC 
arm stable
Comment 7 Agostino Sarubbo gentoo-dev 2017-07-07 09:12:33 UTC 
sparc stable
Comment 8 Agostino Sarubbo gentoo-dev 2017-07-07 13:28:07 UTC 
ppc stable
Comment 9 Agostino Sarubbo gentoo-dev 2017-07-07 14:53:25 UTC 
ppc64 stable
Comment 10 Kristian Fiskerstrand (RETIRED) gentoo-dev 2017-07-08 20:16:06 UTC 
Changing designation to B3 as this requires specific configuration to be an attack vector, and impractical in nature.

GLSA Vote: No
Comment 11 Tobias Klausmann (RETIRED) gentoo-dev 2017-07-16 11:13:07 UTC 
Stable on alpha.
Comment 12 Kristian Fiskerstrand (RETIRED) gentoo-dev 2017-07-28 14:51:57 UTC 
ping for hppa