SB2018061326 - Memory-cache side-channel attack in libgcrypt (Alpine package)
Published: June 13, 2018
Description
This security bulletin contains information about 1 security vulnerability.
1) Memory-cache side-channel attack (CVE-ID: CVE-2018-0495)
The vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists due to a leakage of information through memory caches when the affected library uses a private key to create Elliptic Curve Digital Signature Algorithm (ECDSA) signatures. A local attacker can conduct a memory-cache side-channel attack on ECDSA signatures and recover sensitive information, such as ECDSA private keys, which could be used to conduct further attacks.
Note: The vulnerability is known as the "Return Of the Hidden Number Problem" or ROHNP.
Remediation
Install the update from the vendor's website.
References
- https://git.alpinelinux.org/aports/commit/?id=237b184ab920ac272b958d7e5cfab67112bd00b7
- https://git.alpinelinux.org/aports/commit/?id=5b4846da350aac758d8d91420167fd99e33bcdea
- https://git.alpinelinux.org/aports/commit/?id=92381611d07c877dd1469e1f2f6cf5dd45b11730
- https://git.alpinelinux.org/aports/commit/?id=25760a2a94cd003c6ae42b72c4701f96d4264027
- https://git.alpinelinux.org/aports/commit/?id=a8d906fd888391043f72226d80ddaf247ef4ad9f
- https://git.alpinelinux.org/aports/commit/?id=958b1aff2dc3a82a58d3dc52ded6988c0658547b
- https://git.alpinelinux.org/aports/commit/?id=e0dc3d5bbfc8733822bc0291577475a768d84495
- https://git.alpinelinux.org/aports/commit/?id=d59577c011626963a91f59d8cce9c55e72baf023
- https://git.alpinelinux.org/aports/commit/?id=64003a818c75a368244e5123801eeae2c9289406