Back to bug 2164487
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Marian Rehak | 2023-01-25 15:18:27 UTC | CC | security-response-team | |
| Sandipan Roy | 2023-01-25 18:02:42 UTC | Depends On | 2164548, 2164549, 2164543, 2164541, 2164550, 2164542, 2164547, 2164546, 2164545 | |
| Sandipan Roy | 2023-01-25 18:04:47 UTC | Depends On | 2164555, 2164553, 2164552, 2164554 | |
| Sandipan Roy | 2023-01-25 19:06:29 UTC | Deadline | 2023-02-07 | |
| TEJ RATHI | 2023-01-27 08:57:57 UTC | CC | acrosby, adudiak, bdettelb, caswilli, dffrench, dfreiber, dhalasz, dkuc, drieden, fjansen, gzaronik, hbraun, hkataria, ikanias, jary, jburrell, jkoehler, jmitchel, jtanner, jwong, kaycoth, kshier, micjohns, ngough, nweather, rgodfrey, rogbas, rravi, stcannon, sthirugn, tfister, tohughes, vkrizan, vkumar, vmugicag, yguenane | |
| Sandipan Roy | 2023-02-01 14:38:15 UTC | CC | jwong | |
| Depends On | 2166345 | |||
| Sandipan Roy | 2023-02-03 15:19:37 UTC | Doc Text | A timing-based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. | |
| Paige Jung | 2023-02-03 15:30:52 UTC | Doc Text | A timing-based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. | A timing-based side channel exists in the OpenSSL RSA Decryption implementation, which could be sufficient to recover a ciphertext across a network in a Bleichenbacher style attack. To achieve a successful decryption, an attacker would have to be able to send a very large number of trial messages for decryption. This issue affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP, and RSASVE. |
| Zack Miele | 2023-02-07 17:01:27 UTC | Deadline | 2023-02-07 | |
| CC | bootloader-eng-team, rh-spice-bugs, virt-maint | |||
| Summary | EMBARGOED CVE-2022-4304 openssl: timing attack in RSA Decryption implementation | CVE-2022-4304 openssl: timing attack in RSA Decryption implementation | ||
| Group | security, qe_staff | |||
| Zack Miele | 2023-02-07 17:59:58 UTC | Depends On | 2167929, 2167919, 2167915, 2167920, 2167921, 2167914, 2167927, 2167923, 2167928, 2167926, 2167925, 2167930, 2167922, 2167917, 2167924, 2167918 | |
| errata-xmlrpc | 2023-02-28 08:18:05 UTC | Link ID | Red Hat Product Errata RHSA-2023:0946 | |
| Kazu Yoshida | 2023-03-01 23:54:31 UTC | CC | kyoshida | |
| Christopher Voltz | 2023-03-10 16:11:42 UTC | CC | christopher.voltz | |
| errata-xmlrpc | 2023-03-14 13:52:55 UTC | Link ID | Red Hat Product Errata RHSA-2023:1199 | |
| errata-xmlrpc | 2023-03-22 10:33:38 UTC | Link ID | Red Hat Product Errata RHSA-2023:1405 | |
| Product Security DevOps Team | 2023-03-22 14:03:51 UTC | Resolution | --- | ERRATA |
| Status | NEW | CLOSED | ||
| Last Closed | 2023-03-22 14:03:51 UTC | |||
| errata-xmlrpc | 2023-03-22 19:48:34 UTC | Link ID | Red Hat Product Errata RHBA-2023:1413 | |
| errata-xmlrpc | 2023-03-22 19:48:43 UTC | Link ID | Red Hat Product Errata RHBA-2023:1414 | |
| errata-xmlrpc | 2023-03-22 19:54:56 UTC | Link ID | Red Hat Product Errata RHBA-2023:1415 | |
| errata-xmlrpc | 2023-03-22 20:44:56 UTC | Link ID | Red Hat Product Errata RHBA-2023:1417 | |
| errata-xmlrpc | 2023-03-22 20:48:28 UTC | Link ID | Red Hat Product Errata RHBA-2023:1416 | |
| errata-xmlrpc | 2023-03-22 20:56:34 UTC | Link ID | Red Hat Product Errata RHBA-2023:1418 | |
| errata-xmlrpc | 2023-03-22 21:00:54 UTC | Link ID | Red Hat Product Errata RHBA-2023:1419 | |
| errata-xmlrpc | 2023-03-22 21:25:32 UTC | Link ID | Red Hat Product Errata RHBA-2023:1420 | |
| errata-xmlrpc | 2023-03-22 21:26:44 UTC | Link ID | Red Hat Product Errata RHBA-2023:1421 | |
| errata-xmlrpc | 2023-03-22 21:34:46 UTC | Link ID | Red Hat Product Errata RHBA-2023:1422 | |
| errata-xmlrpc | 2023-03-22 21:37:31 UTC | Link ID | Red Hat Product Errata RHBA-2023:1423 | |
| errata-xmlrpc | 2023-03-22 21:38:47 UTC | Link ID | Red Hat Product Errata RHBA-2023:1425 | |
| errata-xmlrpc | 2023-03-22 21:42:54 UTC | Link ID | Red Hat Product Errata RHBA-2023:1424 | |
| errata-xmlrpc | 2023-03-22 21:47:27 UTC | Link ID | Red Hat Product Errata RHBA-2023:1426 | |
| errata-xmlrpc | 2023-03-23 08:53:27 UTC | Link ID | Red Hat Product Errata RHBA-2023:1431 | |
| errata-xmlrpc | 2023-03-23 13:05:04 UTC | Link ID | Red Hat Product Errata RHBA-2023:1446 | |
| errata-xmlrpc | 2023-03-23 17:47:59 UTC | Link ID | Red Hat Product Errata RHBA-2023:1449 | |
| errata-xmlrpc | 2023-03-27 01:23:03 UTC | Link ID | Red Hat Product Errata RHBA-2023:1459 | |
| errata-xmlrpc | 2023-03-27 06:58:59 UTC | Link ID | Red Hat Product Errata RHBA-2023:1460 | |
| errata-xmlrpc | 2023-03-27 07:48:49 UTC | Link ID | Red Hat Product Errata RHBA-2023:1463 | |
| errata-xmlrpc | 2023-03-27 08:02:47 UTC | Link ID | Red Hat Product Errata RHBA-2023:1465 | |
| errata-xmlrpc | 2023-03-27 08:50:17 UTC | Link ID | Red Hat Product Errata RHBA-2023:1461 | |
| errata-xmlrpc | 2023-03-27 10:35:10 UTC | Link ID | Red Hat Product Errata RHBA-2023:1464 | |
| errata-xmlrpc | 2023-03-27 10:36:02 UTC | Link ID | Red Hat Product Errata RHBA-2023:1475 | |
| errata-xmlrpc | 2023-03-27 10:54:12 UTC | Link ID | Red Hat Product Errata RHBA-2023:1477 | |
| errata-xmlrpc | 2023-03-27 11:23:53 UTC | Link ID | Red Hat Product Errata RHBA-2023:1476 | |
| errata-xmlrpc | 2023-03-28 11:36:19 UTC | Link ID | Red Hat Product Errata RHBA-2023:1493 | |
| errata-xmlrpc | 2023-03-28 14:02:01 UTC | Link ID | Red Hat Product Errata RHBA-2023:1497 | |
| errata-xmlrpc | 2023-03-28 17:57:54 UTC | Link ID | Red Hat Product Errata RHBA-2023:1499 | |
| errata-xmlrpc | 2023-03-28 19:04:49 UTC | Link ID | Red Hat Product Errata RHBA-2023:1500 | |
| errata-xmlrpc | 2023-03-28 21:16:06 UTC | Link ID | Red Hat Product Errata RHBA-2023:1502 | |
| errata-xmlrpc | 2023-03-29 12:45:50 UTC | Link ID | Red Hat Product Errata RHBA-2023:1520 | |
| errata-xmlrpc | 2023-03-29 12:49:54 UTC | Link ID | Red Hat Product Errata RHBA-2023:1519 | |
| errata-xmlrpc | 2023-03-29 12:59:21 UTC | Link ID | Red Hat Product Errata RHBA-2023:1517 | |
| errata-xmlrpc | 2023-03-30 09:59:21 UTC | Link ID | Red Hat Product Errata RHBA-2023:1530 | |
| errata-xmlrpc | 2023-03-30 12:21:23 UTC | Link ID | Red Hat Product Errata RHBA-2023:1532 | |
| errata-xmlrpc | 2023-03-30 15:39:55 UTC | Link ID | Red Hat Product Errata RHBA-2023:1536 | |
| errata-xmlrpc | 2023-03-30 19:40:01 UTC | Link ID | Red Hat Product Errata RHBA-2023:1539 | |
| errata-xmlrpc | 2023-04-04 14:23:32 UTC | Link ID | Red Hat Product Errata RHBA-2023:1625 | |
| errata-xmlrpc | 2023-04-04 15:41:51 UTC | Link ID | Red Hat Product Errata RHBA-2023:1626 | |
| errata-xmlrpc | 2023-04-04 16:42:14 UTC | Link ID | Red Hat Product Errata RHBA-2023:1628 | |
| errata-xmlrpc | 2023-04-04 16:48:15 UTC | Link ID | Red Hat Product Errata RHBA-2023:1627 | |
| errata-xmlrpc | 2023-04-05 02:58:34 UTC | Link ID | Red Hat Product Errata RHBA-2023:1641 | |
| errata-xmlrpc | 2023-04-05 12:31:04 UTC | Link ID | Red Hat Product Errata RHBA-2023:1654 | |
| errata-xmlrpc | 2023-04-11 14:49:51 UTC | Link ID | Red Hat Product Errata RHBA-2023:1708 | |
| errata-xmlrpc | 2023-04-11 21:35:14 UTC | Link ID | Red Hat Product Errata RHBA-2023:1736 | |
| errata-xmlrpc | 2023-04-12 21:25:16 UTC | Link ID | Red Hat Product Errata RHBA-2023:1764 | |
| errata-xmlrpc | 2023-04-17 01:50:48 UTC | Link ID | Red Hat Product Errata RHBA-2023:1798 | |
| errata-xmlrpc | 2023-04-17 13:18:33 UTC | Link ID | Red Hat Product Errata RHBA-2023:1800 | |
| errata-xmlrpc | 2023-04-18 16:52:52 UTC | Link ID | Red Hat Product Errata RHBA-2023:1825 | |
| errata-xmlrpc | 2023-04-18 21:30:17 UTC | Link ID | Red Hat Product Errata RHBA-2023:1850 | |
| errata-xmlrpc | 2023-04-19 19:40:46 UTC | Link ID | Red Hat Product Errata RHBA-2023:1886 | |
| errata-xmlrpc | 2023-04-24 01:45:01 UTC | Link ID | Red Hat Product Errata RHBA-2023:1929 | |
| errata-xmlrpc | 2023-04-26 18:29:08 UTC | Link ID | Red Hat Product Errata RHBA-2023:2033 | |
| errata-xmlrpc | 2023-04-27 13:25:47 UTC | Link ID | Red Hat Product Errata RHBA-2023:2048 | |
| Nick Tait | 2023-04-28 22:28:42 UTC | Depends On | 2191726 | |
| Nick Tait | 2023-04-28 22:32:57 UTC | Depends On | 2191727 | |
| Nick Tait | 2023-04-28 22:35:19 UTC | Depends On | 2191728 | |
| errata-xmlrpc | 2023-05-02 18:14:58 UTC | Link ID | Red Hat Product Errata RHBA-2023:2086 | |
| errata-xmlrpc | 2023-05-03 02:30:45 UTC | Link ID | Red Hat Product Errata RHBA-2023:2088 | |
| errata-xmlrpc | 2023-05-03 22:06:01 UTC | Link ID | Red Hat Product Errata RHBA-2023:2105 | |
| errata-xmlrpc | 2023-05-03 22:25:46 UTC | Link ID | Red Hat Product Errata RHBA-2023:2106 | |
| errata-xmlrpc | 2023-05-09 07:13:21 UTC | Link ID | Red Hat Product Errata RHSA-2023:2165 | |
| errata-xmlrpc | 2023-05-16 08:29:50 UTC | Link ID | Red Hat Product Errata RHSA-2023:2932 | |
| RHEL Program Management Team | 2023-05-19 17:22:36 UTC | Depends On | 2208594 | |
| RHEL Program Management Team | 2023-05-19 17:22:44 UTC | Depends On | 2208595 | |
| errata-xmlrpc | 2023-05-31 18:36:52 UTC | Link ID | Red Hat Product Errata RHSA-2023:3408 | |
| errata-xmlrpc | 2023-06-05 11:47:10 UTC | Link ID | Red Hat Product Errata RHSA-2023:3355 | |
| errata-xmlrpc | 2023-06-05 11:50:58 UTC | Link ID | Red Hat Product Errata RHSA-2023:3354 | |
| errata-xmlrpc | 2023-06-05 13:56:08 UTC | Link ID | Red Hat Product Errata RHSA-2023:3420 | |
| errata-xmlrpc | 2023-06-05 14:16:40 UTC | Link ID | Red Hat Product Errata RHSA-2023:3421 | |
| errata-xmlrpc | 2023-07-18 08:19:42 UTC | Link ID | Red Hat Product Errata RHSA-2023:4128 |
Back to bug 2164487