6 matches found
SUSE CVE-2018-12435
Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ecgroup/ecgroup.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local...
FreeBSD : botan2 -- ECDSA side channel (7762d7ad-2e38-41d2-9785-c51f653ba8bd)
botan2 developers report : A side channel in the ECDSA signature operation could allow a local attacker to recover the secret key. Found by Keegan Ryan of NCC Group. Bug introduced in 2.5.0, fixed in 2.7.0. The 1.10 branch is not affected. C Tenable Network Security, Inc. The descriptive text and...
Fedora Update for botan2 FEDORA-2018-eaa7de17ae
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2018-12435
Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ecgroup/ecgroup.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local...
CVE-2018-12435
Botan 2.5.0 through 2.6.0 before 2.7.0 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP, related to dsa/dsa.cpp, ecgroup/ecgroup.cpp, and ecdsa/ecdsa.cpp. To discover an ECDSA key, the attacker needs access to either the local...
CVE-2018-12435
CVE-2018-12435 affects Botan 2.5.0–2.6.0 prior to 2.7.0, enabling a memory-cache side-channel attack on ECDSA (ROHNP) that could allow key recovery when attacker has local access or co-residency on the same host. Connected advisories confirm the issue in Botan’s ECDSA signing and related code pat...