Loading HuntDB...

Vulnerability Intelligence by wss.sh

Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog Latest Updates Security News

More Sources

HackerOne Reports

Bug bounty disclosures

WordPress Vulnerabilities

WordPress plugins & themes

Tools & Data

Trending Insights

Popular vulnerabilities

Advanced Search

Filter & search CVEs

Product Inventory

Software & vendors

Sign In Sign Up

CVE-2018-0737

UNKNOWN

Published 2018-04-16T17:00:00Z

Actions:

No CVSS data available

Description

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

OpenSSL

Affected Versions:

Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h) Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o)

References

https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html

https://www.debian.org/security/2018/dsa-4355

https://usn.ubuntu.com/3628-2/

https://security.gentoo.org/glsa/201811-21

https://usn.ubuntu.com/3692-2/

https://access.redhat.com/errata/RHSA-2018:3505

http://www.securityfocus.com/bid/103766

https://usn.ubuntu.com/3692-1/

https://access.redhat.com/errata/RHSA-2018:3221

https://www.debian.org/security/2018/dsa-4348

http://www.securitytracker.com/id/1040685

https://usn.ubuntu.com/3628-1/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/

https://access.redhat.com/errata/RHSA-2019:3933

https://access.redhat.com/errata/RHSA-2019:3935

https://access.redhat.com/errata/RHSA-2019:3932

https://www.oracle.com/security-alerts/cpuapr2020.html

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

https://www.tenable.com/security/tns-2018-14

https://securityadvisories.paloaltonetworks.com/Home/Detail/133

https://www.tenable.com/security/tns-2018-13

https://www.tenable.com/security/tns-2018-17

https://www.tenable.com/security/tns-2018-12

https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/

https://www.oracle.com//security-alerts/cpujul2021.html

https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=349a41da1ad88ad87825414752a8ff5fdd6a6c3f

https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787

https://www.openssl.org/news/secadv/20180416.txt

https://security.netapp.com/advisory/ntap-20180726-0003/

Published: 2018-04-16T17:00:00Z

Last Modified: 2024-09-17T03:53:55.729Z

Copied to clipboard!