Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 505278 (CVE-2014-0076) - <dev-libs/openssl-{1.0.0l,1.0.1g}: ECDSA Nonces Recovery Weakness (CVE-2014-0076)
Summary: <dev-libs/openssl-{1.0.0l,1.0.1g}: ECDSA Nonces Recovery Weakness (CVE-2014-0...
Status: RESOLVED FIXED
Alias: CVE-2014-0076
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Security
URL: https://secunia.com/advisories/57091/
Whiteboard: A3 [glsa]
Keywords:
Depends on:
Blocks:
 
Reported: 2014-03-21 16:44 UTC by Agostino Sarubbo
Modified: 2021-11-03 10:58 UTC (History)
3 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Agostino Sarubbo gentoo-dev 2014-03-21 16:44:50 UTC
From ${URL} :

Description

Yuval Yarom and Naomi Benger have reported a weakness in OpenSSL, which can be exploited by malicious, 
local users to disclose certain sensitive information.

The weakness is caused due to an implementation error within the Elliptic Curve Digital Signature 
Algorithm (ECDSA), which can be exploited to disclose a nonce value and subsequently derive the secret key 
via the FLUSH+RELOAD Cache side-channel attack.


Solution:
Fixed in the source code repository.

Provided and/or discovered by:
Yuval Yarom and Naomi Benger

Original Advisory:
Yuval Yarom and Naomi Benger:
http://eprint.iacr.org/2014/140


@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
Comment 1 Alex Legler (RETIRED) archtester gentoo-dev Security 2014-04-08 10:02:53 UTC
GLSA together with bug 507074.
Comment 2 Sergey Popov (RETIRED) gentoo-dev 2014-04-08 10:10:48 UTC
1.0.0 branch is affected too, currently masked
Comment 3 GLSAMaker/CVETool Bot gentoo-dev 2014-04-08 10:33:53 UTC
This issue was resolved and addressed in
 GLSA 201404-07 at http://security.gentoo.org/glsa/glsa-201404-07.xml
by GLSA coordinator Mikle Kolyada (Zlogene).
Comment 4 Andrew Savchenko gentoo-dev 2014-04-11 07:27:35 UTC
Severity is just normal for the most severe openssl bug in history?
A3 satisfies GLSA policy requirement, but maybe the policy should be revised itself?
Comment 5 Alex Legler (RETIRED) archtester gentoo-dev Security 2014-04-11 08:51:54 UTC
(In reply to Andrew Savchenko from comment #4)
> Severity is just normal for the most severe openssl bug in history?
> A3 satisfies GLSA policy requirement, but maybe the policy should be revised
> itself?

Er, the 'most severe openssl bug in history' is the other bug linked in the advisory, not this one. (Even if it was the right one, this has nothing to do with the actual issue, so it being on-topic for the bug is debatable.)

At any rate, the issue impact ratings depend on the issue itself, not any other chained events that can be triggered by it, and certainly not media hype.
As such, the rating and policy are fine.