Memory-Cache Side-Channel Attack in Libgcrypt by GnuPG
CVE-2018-0495

4.7 MEDIUM

What is CVE-2018-0495?

A memory-cache side channel in Libgcrypt's ECDSA signing leaks information that an attacker can exploit. The attack, commonly referred to as the Return Of the Hidden Number Problem (ROHNP), potentially allows an attacker with access to the local machine or a shared physical host to recover ECDSA keys. It can be mitigated by applying blinding during the signing process.

Affected Version(s)

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3

CVSS V3.1

Score: 4.7
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Local
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved
