Bug 1730320 (CVE-2019-12904) - CVE-2019-12904 Libgcrypt: physical addresses being available to other processes leads to a flush-and-reload side-channel attack
Summary: CVE-2019-12904 Libgcrypt: physical addresses being available to other process...
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2019-12904
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1730321 1752913
Blocks: 1730324
TreeView+ depends on / blocked
 
Reported: 2019-07-16 12:46 UTC by Marian Rehak
Modified: 2019-09-29 15:16 UTC (History)
6 users (show)

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2019-09-17 14:38:36 UTC

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Marian Rehak 2019-07-16 12:46:41 UTC 
In Libgcrypt 1.8.4, the C implementation of AES is vulnerable to a flush-and-reload side-channel attack because physical addresses are available to other processes. (The C implementation is used on platforms where an assembly-language implementation is unavailable.)

External Reference:

https://people.canonical.com/~ubuntu-security/cve/2019/CVE-2019-12904.html
Comment 1 Marian Rehak 2019-07-16 12:47:11 UTC 
Created libgcrypt tracking bugs for this issue:

Affects: fedora-all [bug 1730321]
Comment 2 Marco Benatto 2019-09-17 14:38:36 UTC 
This seems more a theoretical attack possibility than and practical one. This seems to be the same opinion from upstream maintainers at https://dev.gnupg.org/T4541.
Given that, the patches looks like much more a hardening. I'm closing this bug as WONTFIX for now.
Comment 3 Marco Benatto 2019-09-17 14:44:27 UTC 
Created mingw-libgcrypt tracking bugs for this issue:

Affects: epel-7 [bug 1752913]
Note You need to log in before you can comment on or make changes to this bug.