CVE Vulnerabilities

CVE-2014-0076

Published: Mar 25, 2014 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
1.9 LOW
AV:L/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.

Affected Software

Name Vendor Start Version End Version
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.5a 0.9.5a
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.8b 0.9.8b
Openssl Openssl 0.9.7l 0.9.7l
Openssl Openssl 0.9.6i 0.9.6i
Openssl Openssl 0.9.8m 0.9.8m
Openssl Openssl 0.9.3 0.9.3
Openssl Openssl 0.9.8c 0.9.8c
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 1.0.0c 1.0.0c
Openssl Openssl 1.0.0i 1.0.0i
Openssl Openssl 0.9.7c 0.9.7c
Openssl Openssl 1.0.0 1.0.0
Openssl Openssl 0.9.5 0.9.5
Openssl Openssl 0.9.8n 0.9.8n
Openssl Openssl 1.0.0 1.0.0
Openssl Openssl 0.9.8p 0.9.8p
Openssl Openssl 0.9.6d 0.9.6d
Openssl Openssl 0.9.1c 0.9.1c
Openssl Openssl 0.9.6 0.9.6
Openssl Openssl 0.9.7j 0.9.7j
Openssl Openssl 0.9.6a 0.9.6a
Openssl Openssl 0.9.8e 0.9.8e
Openssl Openssl 0.9.8u 0.9.8u
Openssl Openssl 0.9.4 0.9.4
Openssl Openssl 0.9.8g 0.9.8g
Openssl Openssl 1.0.0h 1.0.0h
Openssl Openssl 0.9.6a 0.9.6a
Openssl Openssl 0.9.8k 0.9.8k
Openssl Openssl 0.9.8m 0.9.8m
Openssl Openssl 0.9.8d 0.9.8d
Openssl Openssl 0.9.5a 0.9.5a
Openssl Openssl 1.0.0 1.0.0
Openssl Openssl 1.0.0e 1.0.0e
Openssl Openssl 1.0.0f 1.0.0f
Openssl Openssl 0.9.6f 0.9.6f
Openssl Openssl 0.9.8j 0.9.8j
Openssl Openssl 0.9.6 0.9.6
Openssl Openssl 0.9.6l 0.9.6l
Openssl Openssl 1.0.0d 1.0.0d
Openssl Openssl 0.9.7k 0.9.7k
Openssl Openssl 1.0.0j 1.0.0j
Openssl Openssl 0.9.8s 0.9.8s
Openssl Openssl 0.9.7g 0.9.7g
Openssl Openssl 0.9.6e 0.9.6e
Openssl Openssl 0.9.7d 0.9.7d
Openssl Openssl 0.9.8l 0.9.8l
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.6b 0.9.6b
Openssl Openssl 0.9.7e 0.9.7e
Openssl Openssl 0.9.7b 0.9.7b
Openssl Openssl 1.0.0k 1.0.0k
Openssl Openssl 0.9.8r 0.9.8r
Openssl Openssl 0.9.8t 0.9.8t
Openssl Openssl 0.9.6a 0.9.6a
Openssl Openssl 1.0.0 1.0.0
Openssl Openssl 0.9.6k 0.9.6k
Openssl Openssl 0.9.8a 0.9.8a
Openssl Openssl * 1.0.0l
Openssl Openssl 0.9.6g 0.9.6g
Openssl Openssl 0.9.6 0.9.6
Openssl Openssl 0.9.7m 0.9.7m
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.3a 0.9.3a
Openssl Openssl 0.9.6h 0.9.6h
Openssl Openssl 1.0.0 1.0.0
Openssl Openssl 0.9.7 0.9.7
Openssl Openssl 0.9.7i 0.9.7i
Openssl Openssl 0.9.7h 0.9.7h
Openssl Openssl 0.9.8o 0.9.8o
Openssl Openssl 0.9.8q 0.9.8q
Openssl Openssl 0.9.8w 0.9.8w
Openssl Openssl 1.0.0 1.0.0
Openssl Openssl 0.9.6j 0.9.6j
Openssl Openssl 0.9.8 0.9.8
Openssl Openssl 0.9.7a 0.9.7a
Openssl Openssl 0.9.6c 0.9.6c
Openssl Openssl 0.9.6 0.9.6
Openssl Openssl 0.9.6m 0.9.6m
Openssl Openssl 0.9.8v 0.9.8v
Openssl Openssl 0.9.8i 0.9.8i
Openssl Openssl 0.9.8f 0.9.8f
Openssl Openssl 0.9.5 0.9.5
Openssl Openssl 0.9.8y 0.9.8y
Openssl Openssl 1.0.0a 1.0.0a
Openssl Openssl 0.9.8h 0.9.8h
Openssl Openssl 0.9.8x 0.9.8x
Openssl Openssl 0.9.2b 0.9.2b
Openssl Openssl 0.9.5 0.9.5
Openssl Openssl 0.9.5a 0.9.5a
Openssl Openssl 1.0.0b 1.0.0b
Openssl Openssl 1.0.0g 1.0.0g
Openssl Openssl 0.9.6a 0.9.6a
Openssl Openssl 0.9.7f 0.9.7f

References