OpenSSL RSA key generation was found to be vulnerable to cache side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover parts of the private key.
OpenSSL versions before 1.0.2p and 1.1.0i are vulnerable to RSA key generation cache timing side-channel attacks. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key.
Created openssl tracking bugs for this issue:
Affects: fedora-all [bug 1568256]
Created mingw-openssl tracking bugs for this issue:
Affects: fedora-all [bug 1568257]
Affects: epel-7 [bug 1568254]
This attack needs the attacker to be present on the same physical machine where the key is being generated. Also, the attack has to be mounted at the exact time when the RSA private key is being generated to be useful. Enterprise setups where HSM modules are used to generate and store RSA private keys are not affected by this flaw.
This issue has been addressed in the following products:
Red Hat Enterprise Linux 7
Via RHSA-2018:3221 https://access.redhat.com/errata/RHSA-2018:3221
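An added example, not part of the original report or of OpenSSL: a check of an `openssl version` string against the fixed releases named above (1.0.2p and 1.1.0i). It assumes an upstream build; distribution packages that backport fixes keep an older upstream version string, so for those the erratum is the reference. The function names and sample strings are constructed for illustration.

```python
import re

# Fixed release letter per branch, taken from the advisory text above.
FIXED = {"1.0.2": "p", "1.1.0": "i"}

# Matches e.g. "1.0.2k" inside "OpenSSL 1.0.2k-fips  26 Jan 2017".
_VERSION_RE = re.compile(r"\b(\d+\.\d+\.\d+)([a-z]*)")


def _letter_key(letters):
    # OpenSSL patch letters sort as "" < a..z < za, zb, ...
    # so compare by length first, then alphabetically.
    return (len(letters), letters)


def parse_openssl_version(text):
    """Return (branch, letters) from `openssl version` output or a bare version."""
    match = _VERSION_RE.search(text)
    if match is None:
        raise ValueError("no OpenSSL-style version found in %r" % text)
    return match.group(1), match.group(2)


def predates_fix(text):
    """True if the version is older than the fixed release of its branch,
    False if it is the fixed release or newer, None if the branch is not
    one the advisory names (no conclusion can be drawn from this page)."""
    branch, letters = parse_openssl_version(text)
    fixed = FIXED.get(branch)
    if fixed is None:
        return None
    return _letter_key(letters) < _letter_key(fixed)


if __name__ == "__main__":
    # Constructed sample inputs in the format printed by `openssl version`.
    samples = [
        "OpenSSL 1.0.2k-fips  26 Jan 2017",
        "OpenSSL 1.0.2p",
        "OpenSSL 1.1.0h  27 Mar 2018",
        "OpenSSL 1.1.0i",
        "OpenSSL 1.1.1",
    ]
    labels = {True: "predates fix", False: "fixed upstream", None: "branch not covered"}
    for line in samples:
        print("%-36s %s" % (line, labels[predates_fix(line)]))
```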