CVE-2018-0495
Public on 2018-06-13
Modified on 2020-03-18
Description
Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
Severity
Medium
CVSS v3 Base Score
See breakdown
Affected Packages
| Platform | Package | Release Date | Advisory | Status |
|---|---|---|---|---|
| Amazon Linux 1 | nspr | 2020-03-16 | ALAS-2020-1355 | Fixed |
| Amazon Linux 1 | nss | 2020-03-16 | ALAS-2020-1355 | Fixed |
| Amazon Linux 2 - Core | nss | 2019-09-30 | ALAS2-2019-1305 | Fixed |
| Amazon Linux 1 | nss-softokn | 2020-03-16 | ALAS-2020-1355 | Fixed |
| Amazon Linux 1 | nss-util | 2020-03-16 | ALAS-2020-1355 | Fixed |
| Amazon Linux 1 | openssl | 2018-12-05 | ALAS-2018-1102 | Fixed |
| Amazon Linux 2 - Core | openssl | 2018-11-07 | ALAS2-2018-1102 | Fixed |
CVSS Scores
| Score Type | Score | Vector | |
|---|---|---|---|
| Amazon Linux | CVSSv3 | 5.1 | CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N |
| NVD | CVSSv2 | 1.9 | AV:L/AC:M/Au:N/C:P/I:N/A:N |
| NVD | CVSSv3 | 4.7 | CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N |