Podatność CVE-2018-12436


Publikacja: 2018-06-14   Modyfikacja: 2018-06-15

Opis:
wolfcrypt/src/ecc.c in wolfSSL before 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

Typ:

CWE-200

(Information Exposure)

Producent: Wolfssl
Produkt: Wolfssl 
Wersje:
3.9.8
3.6.6
3.10.4
3.10.0a
3.10.0

CVSS2 => (AV:L/AC:M/Au:N/C:P/I:N/A:N)

Ogólna skala CVSS
Znaczenie
Łatwość wykorzystania
1.9/10
2.9/10
3.4/10
Wymagany dostęp
Złożoność ataku
Autoryzacja
Lokalny
Średnia
Nie wymagana
Wpływ na poufność
Wpływ na integralność
Wpływ na dostępność
Częściowy
Brak
Brak

 Referencje:
https://github.com/wolfSSL/wolfssl/commit/9b9568d500f31f964af26ba8d01e542e1f27e5ca
https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/
https://www.wolfssl.com/wolfssh-and-rohnp/

Podobne CVE
CVE-2019-18840
In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer overflow inside the DecodedCert structure in GetName in wolfc...
CVE-2019-13628
wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without --enable-fpecc, --enable-sp, or --enable-sp-math) contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to precisely measure the duration of si...
CVE-2019-16748
In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer over-read in CheckCertSignature_ex in wolfcrypt/src/asn.c.
CVE-2019-15651
wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src/asn.c because reading the ASN_BOOLEAN byte is mishandled for a crafted DER certificate in GetLength_ex.
CVE-2019-11873
wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. An attacker sends a crafted hello client packet over the network to a TLSv1.3 wolfSSL server. The length fields of ...
CVE-2019-6439
examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through 3.15.7 has a heap-based buffer overflow.
CVE-2018-16870
It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data.
CVE-2018-12438
The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the loc...

Copyright 2019, cxsecurity.com

 

Back to Top