Bug 1362016 (CVE-2016-6489)
Summary: | CVE-2016-6489 nettle: RSA/DSA code is vulnerable to cache-timing related attacks | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Huzaifa S. Sidhpurwala <huzaifas> |
Component: | vulnerability | Assignee: | Red Hat Product Security <security-response-team> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | unspecified | CC: | cperry, dwmw2, huzaifas, klember, mike, nmavrogi, pwouters, slawomir, szidek, tmraz |
Target Milestone: | --- | Keywords: | Reopened, Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | Doc Type: | If docs needed, set a value | |
Doc Text: |
It was found that nettle's RSA and DSA decryption code was vulnerable to cache-related side channel attacks. An attacker could use this flaw to recover the private key from a co-located virtual-machine instance.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | 2019-07-12 13:04:19 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 1362017, 1362018, 1362020, 1362021, 1362022, 1364897, 1429958, 1429959 | ||
Bug Blocks: | 1323912 |
Description
Huzaifa S. Sidhpurwala
2016-08-01 07:55:45 UTC
Created nettle tracking bugs for this issue: Affects: fedora-all [bug 1362017] Affects: epel-5 [bug 1362021] Created mingw-nettle tracking bugs for this issue: Affects: fedora-all [bug 1362018] Affects: epel-7 [bug 1362022] Created compat-nettle27 tracking bugs for this issue: Affects: fedora-23 [bug 1362020] Note: As per: http://seclists.org/oss-sec/2016/q3/206 , the upstream fix has "some unintended side effects" and needs to be reviewed before being applied. The upstream author has included sanity checks at the functions using mpz_powm_sec() to prevent crashes by invalid private keys. As such, the unintended side-effects are no longer the case. https://git.lysator.liu.se/nettle/nettle/commit/52b9223126b3f997c00d399166c006ae28669068 This issue has been addressed in the following products: Red Hat Enterprise Linux 7 Via RHSA-2016:2582 https://rhn.redhat.com/errata/RHSA-2016-2582.html This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2016-6489 |