CVE-2014-0076 | 2014

By Year
2014
CVE-2014-0076

CVE-2014-0076

The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.

Published at

2014-03-25T13:25Z

3687 days ago

Modified

2023-02-13T00:31Z

441 days ago

CWE-310

Problem type

References

URL	Type
bugzilla.novell.com https://bugzilla.novell.com/show_bug.cgi?id=869945	CONFIRM
eprint.iacr.org http://eprint.iacr.org/2014/140	MISC
bugs.gentoo.org https://bugs.gentoo.org/show_bug.cgi?id=505278	CONFIRM
www.openssl.org http://www.openssl.org/news/secadv_20140605.txt	CONFIRM
20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl	CISCO
www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21676035	CONFIRM
59438 http://secunia.com/advisories/59438	SECUNIA
advisories.mageia.org http://advisories.mageia.org/MGASA-2014-0165.html	CONFIRM
59450 http://secunia.com/advisories/59450	SECUNIA
59721 http://secunia.com/advisories/59721	SECUNIA
www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21677695	CONFIRM
59655 http://secunia.com/advisories/59655	SECUNIA
www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21676655	CONFIRM
59162 http://secunia.com/advisories/59162	SECUNIA
58939 http://secunia.com/advisories/58939	SECUNIA
MDVSA-2014:067 http://www.mandriva.com/security/advisories?name=MDVSA-2014:067	MANDRIVA
www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21677828	CONFIRM
www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21676424	CONFIRM
59490 http://secunia.com/advisories/59490	SECUNIA
www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21676062	CONFIRM
58727 http://secunia.com/advisories/58727	SECUNIA
kc.mcafee.com https://kc.mcafee.com/corporate/index?page=content&id=SB10075	CONFIRM
www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21676419	CONFIRM
www.novell.com http://www.novell.com/support/kb/doc.php?id=7015300	CONFIRM
www.huawei.com http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm	CONFIRM
66363 http://www.securityfocus.com/bid/66363	BID
www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21673137	CONFIRM
59514 http://secunia.com/advisories/59514	SECUNIA
59495 http://secunia.com/advisories/59495	SECUNIA
59413 http://secunia.com/advisories/59413	SECUNIA
www.novell.com http://www.novell.com/support/kb/doc.php?id=7015264	CONFIRM
59300 http://secunia.com/advisories/59300	SECUNIA
www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=isg400001843	CONFIRM
www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=isg400001841	CONFIRM
60571 http://secunia.com/advisories/60571	SECUNIA
support.apple.com http://support.apple.com/kb/HT6443	CONFIRM
www.oracle.com http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	CONFIRM
MDVSA-2015:062 http://www.mandriva.com/security/advisories?name=MDVSA-2015:062	MANDRIVA
www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21676092	CONFIRM
SSRT101590 http://marc.info/?l=bugtraq&m=140266410314613&w=2	HP
HPSBMU03051 http://marc.info/?l=bugtraq&m=140448122410568&w=2	HP
HPSBMU03074 http://marc.info/?l=bugtraq&m=140621259019789&w=2	HP
HPSBGN03050 http://marc.info/?l=bugtraq&m=140482916501310&w=2	HP
HPSBMU03057 http://marc.info/?l=bugtraq&m=140389274407904&w=2	HP
HPSBOV03047 http://marc.info/?l=bugtraq&m=140317760000786&w=2	HP
HPSBMU03076 http://marc.info/?l=bugtraq&m=140904544427729&w=2	HP
HPSBMU03056 http://marc.info/?l=bugtraq&m=140389355508263&w=2	HP
HPSBMU03062 http://marc.info/?l=bugtraq&m=140752315422991&w=2	HP
h20566.www2.hpe.com https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946	CONFIRM
openSUSE-SU-2016:0640 http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html	SUSE
www-01.ibm.com http://www-01.ibm.com/support/docview.wss?uid=swg21676501	CONFIRM
59454 http://secunia.com/advisories/59454	SECUNIA
59445 http://secunia.com/advisories/59445	SECUNIA
59374 http://secunia.com/advisories/59374	SECUNIA
59364 http://secunia.com/advisories/59364	SECUNIA
59264 http://secunia.com/advisories/59264	SECUNIA
59175 http://secunia.com/advisories/59175	SECUNIA
59040 http://secunia.com/advisories/59040	SECUNIA
58492 http://secunia.com/advisories/58492	SECUNIA
kb.juniper.net http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629	CONFIRM
www.oracle.com http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html	CONFIRM
USN-2165-1 http://www.ubuntu.com/usn/USN-2165-1	UBUNTU
openSUSE-SU-2014:0480 http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html	SUSE
git.openssl.org http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2198be3483259de374f91e57d247d0fc667aef29	MISC

GET https://vulnerabilitydata.com/api/details/CVE-2014-0076

{
	"id": "CVE-2014-0076",
	"published_date": "2014-03-25T13:25Z",
	"last_modified_date": "2023-02-13T00:31Z",
	"assigner": "secalert@redhat.com",
	"description": "The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.",
	"references": [
		{
			"url": "https://bugzilla.novell.com/show_bug.cgi?id=869945",
			"name": "https://bugzilla.novell.com/show_bug.cgi?id=869945",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://eprint.iacr.org/2014/140",
			"name": "http://eprint.iacr.org/2014/140",
			"refsource": "MISC",
			"tags": []
		},
		{
			"url": "https://bugs.gentoo.org/show_bug.cgi?id=505278",
			"name": "https://bugs.gentoo.org/show_bug.cgi?id=505278",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://www.openssl.org/news/secadv_20140605.txt",
			"name": "http://www.openssl.org/news/secadv_20140605.txt",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl",
			"name": "20140605 Multiple Vulnerabilities in OpenSSL Affecting Cisco Products",
			"refsource": "CISCO",
			"tags": []
		},
		{
			"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035",
			"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59438",
			"name": "59438",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://advisories.mageia.org/MGASA-2014-0165.html",
			"name": "http://advisories.mageia.org/MGASA-2014-0165.html",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59450",
			"name": "59450",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59721",
			"name": "59721",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695",
			"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59655",
			"name": "59655",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655",
			"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59162",
			"name": "59162",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/58939",
			"name": "58939",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:067",
			"name": "MDVSA-2014:067",
			"refsource": "MANDRIVA",
			"tags": []
		},
		{
			"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828",
			"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676424",
			"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676424",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59490",
			"name": "59490",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062",
			"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/58727",
			"name": "58727",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10075",
			"name": "https://kc.mcafee.com/corporate/index?page=content&id=SB10075",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419",
			"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://www.novell.com/support/kb/doc.php?id=7015300",
			"name": "http://www.novell.com/support/kb/doc.php?id=7015300",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm",
			"name": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://www.securityfocus.com/bid/66363",
			"name": "66363",
			"refsource": "BID",
			"tags": []
		},
		{
			"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137",
			"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59514",
			"name": "59514",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59495",
			"name": "59495",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59413",
			"name": "59413",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://www.novell.com/support/kb/doc.php?id=7015264",
			"name": "http://www.novell.com/support/kb/doc.php?id=7015264",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59300",
			"name": "59300",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
			"name": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
			"name": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/60571",
			"name": "60571",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://support.apple.com/kb/HT6443",
			"name": "http://support.apple.com/kb/HT6443",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
			"name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062",
			"name": "MDVSA-2015:062",
			"refsource": "MANDRIVA",
			"tags": []
		},
		{
			"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092",
			"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://marc.info/?l=bugtraq&m=140266410314613&w=2",
			"name": "SSRT101590",
			"refsource": "HP",
			"tags": []
		},
		{
			"url": "http://marc.info/?l=bugtraq&m=140448122410568&w=2",
			"name": "HPSBMU03051",
			"refsource": "HP",
			"tags": []
		},
		{
			"url": "http://marc.info/?l=bugtraq&m=140621259019789&w=2",
			"name": "HPSBMU03074",
			"refsource": "HP",
			"tags": []
		},
		{
			"url": "http://marc.info/?l=bugtraq&m=140482916501310&w=2",
			"name": "HPSBGN03050",
			"refsource": "HP",
			"tags": []
		},
		{
			"url": "http://marc.info/?l=bugtraq&m=140389274407904&w=2",
			"name": "HPSBMU03057",
			"refsource": "HP",
			"tags": []
		},
		{
			"url": "http://marc.info/?l=bugtraq&m=140317760000786&w=2",
			"name": "HPSBOV03047",
			"refsource": "HP",
			"tags": []
		},
		{
			"url": "http://marc.info/?l=bugtraq&m=140904544427729&w=2",
			"name": "HPSBMU03076",
			"refsource": "HP",
			"tags": []
		},
		{
			"url": "http://marc.info/?l=bugtraq&m=140389355508263&w=2",
			"name": "HPSBMU03056",
			"refsource": "HP",
			"tags": []
		},
		{
			"url": "http://marc.info/?l=bugtraq&m=140752315422991&w=2",
			"name": "HPSBMU03062",
			"refsource": "HP",
			"tags": []
		},
		{
			"url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946",
			"name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html",
			"name": "openSUSE-SU-2016:0640",
			"refsource": "SUSE",
			"tags": []
		},
		{
			"url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501",
			"name": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59454",
			"name": "59454",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59445",
			"name": "59445",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59374",
			"name": "59374",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59364",
			"name": "59364",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59264",
			"name": "59264",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59175",
			"name": "59175",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/59040",
			"name": "59040",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://secunia.com/advisories/58492",
			"name": "58492",
			"refsource": "SECUNIA",
			"tags": []
		},
		{
			"url": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629",
			"name": "http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
			"name": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html",
			"refsource": "CONFIRM",
			"tags": []
		},
		{
			"url": "http://www.ubuntu.com/usn/USN-2165-1",
			"name": "USN-2165-1",
			"refsource": "UBUNTU",
			"tags": []
		},
		{
			"url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html",
			"name": "openSUSE-SU-2014:0480",
			"refsource": "SUSE",
			"tags": []
		},
		{
			"url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2198be3483259de374f91e57d247d0fc667aef29",
			"name": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2198be3483259de374f91e57d247d0fc667aef29",
			"refsource": "MISC",
			"tags": []
		}
	],
	"impact": {
		"baseMetricV2": {
			"cvssV2": {
				"version": "2.0",
				"vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
				"accessVector": "LOCAL",
				"accessComplexity": "MEDIUM",
				"authentication": "NONE",
				"confidentialityImpact": "PARTIAL",
				"integrityImpact": "NONE",
				"availabilityImpact": "NONE",
				"baseScore": 1.9
			},
			"severity": "LOW",
			"exploitabilityScore": 3.4,
			"impactScore": 2.9,
			"obtainAllPrivilege": false,
			"obtainUserPrivilege": false,
			"obtainOtherPrivilege": false,
			"userInteractionRequired": false
		}
	},
	"problem_type": "CWE-310"
}

Vulnerability Data

by Reconmap

CVE-2014-0076

The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.

References

GET https://vulnerabilitydata.com/api/details/CVE-2014-0076