Bugzilla – Bug 968050
VUL-1: CVE-2016-0702: openssl: Side channel attack on modular exponentiation "CacheBleed"
Last modified: 2022-02-16 21:22:50 UTC
bugbot adjusting priority
An update workflow for this issue was started. This issue was rated as important. Please submit fixed packages until 2016-03-04. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/62484
The SSE assembler code for Montgomery multiplication that is affected by this problem is NOT in the openssl 0.9.8j and older versions. This issue only affects our openssl 1.0.1 versions.
http://ssrg.nicta.com.au/projects/TS/cachebleed// is the website for this problem.
commit 7f98aa7403a1244cf17d1aa489f5bb0f39bae431 Author: Andy Polyakov <appro@openssl.org> Date: Tue Jan 26 16:25:02 2016 +0100 crypto/bn/x86_64-mont5.pl: constant-time gather procedure. [Backport from master] CVE-2016-0702 Reviewed-by: Richard Levitte <levitte@openssl.org> commit d7a854c055ff22fb7da80c3b0e7cb08d248591d0 Author: Andy Polyakov <appro@openssl.org> Date: Tue Jan 26 11:34:41 2016 +0100 bn/bn_exp.c: constant-time MOD_EXP_CTIME_COPY_FROM_PREBUF. Performance penalty varies from platform to platform, and even key length. For rsa2048 sign it was observed to reach almost 10%. CVE-2016-0702 Reviewed-by: Richard Levitte <levitte@openssl.org>
Side channel attack on modular exponentiation (CVE-2016-0702) ============================================================= Severity: Low A side-channel attack was found which makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture which could lead to the recovery of RSA keys. The ability to exploit this issue is limited as it relies on an attacker who has control of code in a thread running on the same hyper-threaded core as the victim thread which is performing decryptions. This issue affects OpenSSL versions 1.0.2 and 1.0.1. OpenSSL 1.0.2 users should upgrade to 1.0.2g OpenSSL 1.0.1 users should upgrade to 1.0.1s This issue was reported to OpenSSL on Jan 8th 2016 by Yuval Yarom, The University of Adelaide and NICTA, Daniel Genkin, Technion and Tel Aviv University, and Nadia Heninger, University of Pennsylvania with more information at http://cachebleed.info. The fix was developed by Andy Polyakov of OpenSSL.
This is an autogenerated message for OBS integration: This bug (968050) was mentioned in https://build.opensuse.org/request/show/363587 13.2 / openssl
Packages are submitted. Reassigning to security team.
SUSE-SU-2016:0617-1: An update that solves 9 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 952871,958501,963415,968046,968047,968048,968050,968051,968053,968265,968374 CVE References: CVE-2015-3197,CVE-2016-0702,CVE-2016-0703,CVE-2016-0704,CVE-2016-0705,CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0800 Sources used: SUSE Linux Enterprise Software Development Kit 12 (src): openssl-1.0.1i-27.13.1 SUSE Linux Enterprise Server 12 (src): openssl-1.0.1i-27.13.1 SUSE Linux Enterprise Desktop 12 (src): openssl-1.0.1i-27.13.1
SUSE-SU-2016:0620-1: An update that solves 9 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 958501,963415,968046,968047,968048,968050,968051,968053,968265,968374 CVE References: CVE-2015-3197,CVE-2016-0702,CVE-2016-0703,CVE-2016-0704,CVE-2016-0705,CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0800 Sources used: SUSE Linux Enterprise Software Development Kit 12-SP1 (src): openssl-1.0.1i-44.1 SUSE Linux Enterprise Server 12-SP1 (src): openssl-1.0.1i-44.1 SUSE Linux Enterprise Desktop 12-SP1 (src): openssl-1.0.1i-44.1
SUSE-SU-2016:0621-1: An update that solves 9 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 952871,963415,968046,968047,968048,968050,968051,968053,968265,968374 CVE References: CVE-2015-3197,CVE-2016-0702,CVE-2016-0703,CVE-2016-0704,CVE-2016-0705,CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0800 Sources used: SUSE Linux Enterprise Server 11-SECURITY (src): openssl1-1.0.1g-0.40.1
openSUSE-SU-2016:0627-1: An update that solves 6 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 952871,968046,968047,968048,968050,968265,968374 CVE References: CVE-2016-0702,CVE-2016-0705,CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0800 Sources used: openSUSE 13.2 (src): openssl-1.0.1k-2.33.1
openSUSE-SU-2016:0628-1: An update that solves 9 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 958501,963415,968046,968047,968048,968050,968051,968053,968265,968374 CVE References: CVE-2015-3197,CVE-2016-0702,CVE-2016-0703,CVE-2016-0704,CVE-2016-0705,CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0800 Sources used: openSUSE Leap 42.1 (src): openssl-1.0.1i-12.1
openSUSE-SU-2016:0637-1: An update that fixes 11 vulnerabilities is now available. Category: security (important) Bug References: 957812,957815,963415,968046,968047,968048,968050,968265,968374 CVE References: CVE-2015-1794,CVE-2015-3194,CVE-2015-3195,CVE-2015-3197,CVE-2016-0701,CVE-2016-0702,CVE-2016-0705,CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0800 Sources used: openSUSE Evergreen 11.4 (src): openssl-1.0.1p-71.1
I correct my statement from comment #c12. Not just the assembler was affected, but also the generic code. So we missed the backport of this part: commit d7a854c055ff22fb7da80c3b0e7cb08d248591d0 Author: Andy Polyakov <appro@openssl.org> Date: Tue Jan 26 11:34:41 2016 +0100 bn/bn_exp.c: constant-time MOD_EXP_CTIME_COPY_FROM_PREBUF. Performance penalty varies from platform to platform, and even key length. For rsa2048 sign it was observed to reach almost 10%. CVE-2016-0702 Reviewed-by: Richard Levitte <levitte@openssl.org> for openssl 0.9.8j, and openssl 0.9.8a
An update workflow for this issue was started. This issue was rated as important. Please submit fixed packages until 2016-05-10. When done, reassign the bug to security-team@suse.de. https://swamp.suse.de/webswamp/wf/62679
This is an autogenerated message for OBS integration: This bug (968050) was mentioned in https://build.opensuse.org/request/show/393469 13.2+42.1 / libopenssl0_9_8
openSUSE-SU-2016:1239-1: An update that solves 9 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 963415,968046,968048,968050,968374,976942,976943,977614,977615,977617 CVE References: CVE-2015-3197,CVE-2016-0702,CVE-2016-0797,CVE-2016-0799,CVE-2016-0800,CVE-2016-2105,CVE-2016-2106,CVE-2016-2108,CVE-2016-2109 Sources used: openSUSE Evergreen 11.4 (src): libopenssl0_9_8-0.9.8zh-14.1
openSUSE-SU-2016:1241-1: An update that solves 9 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 963415,968046,968048,968050,968374,976942,976943,977614,977615,977617 CVE References: CVE-2015-3197,CVE-2016-0702,CVE-2016-0797,CVE-2016-0799,CVE-2016-0800,CVE-2016-2105,CVE-2016-2106,CVE-2016-2108,CVE-2016-2109 Sources used: openSUSE 13.1 (src): libopenssl0_9_8-0.9.8zh-5.3.1
openSUSE-SU-2016:1242-1: An update that solves 5 vulnerabilities and has one errata is now available. Category: security (important) Bug References: 968050,976942,976943,977614,977615,977617 CVE References: CVE-2016-0702,CVE-2016-2105,CVE-2016-2106,CVE-2016-2108,CVE-2016-2109 Sources used: openSUSE Leap 42.1 (src): libopenssl0_9_8-0.9.8zh-17.1 openSUSE 13.2 (src): libopenssl0_9_8-0.9.8zh-9.6.1
SUSE-SU-2016:1267-1: An update that solves 5 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 889013,968050,976942,976943,977614,977615,977617 CVE References: CVE-2016-0702,CVE-2016-2105,CVE-2016-2106,CVE-2016-2108,CVE-2016-2109 Sources used: SUSE Linux Enterprise Server for SAP 12-SP1 (src): compat-openssl098-0.9.8j-97.1 SUSE Linux Enterprise Module for Legacy Software 12 (src): compat-openssl098-0.9.8j-97.1 SUSE Linux Enterprise Desktop 12-SP1 (src): compat-openssl098-0.9.8j-97.1 SUSE Linux Enterprise Desktop 12 (src): compat-openssl098-0.9.8j-97.1
openSUSE-SU-2016:1273-1: An update that solves 5 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 889013,968050,976942,976943,977614,977615,977617 CVE References: CVE-2016-0702,CVE-2016-2105,CVE-2016-2106,CVE-2016-2108,CVE-2016-2109 Sources used: openSUSE Leap 42.1 (src): compat-openssl098-0.9.8j-12.2
SUSE-SU-2016:1290-1: An update that solves 5 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 889013,968050,976942,976943,977614,977615,977617 CVE References: CVE-2016-0702,CVE-2016-2105,CVE-2016-2106,CVE-2016-2108,CVE-2016-2109 Sources used: SUSE Studio Onsite 1.3 (src): openssl-0.9.8j-0.97.1 SUSE OpenStack Cloud 5 (src): openssl-0.9.8j-0.97.1 SUSE Manager Proxy 2.1 (src): openssl-0.9.8j-0.97.1 SUSE Manager 2.1 (src): openssl-0.9.8j-0.97.1 SUSE Linux Enterprise Software Development Kit 11-SP4 (src): openssl-0.9.8j-0.97.1 SUSE Linux Enterprise Server 11-SP4 (src): openssl-0.9.8j-0.97.1 SUSE Linux Enterprise Server 11-SP3-LTSS (src): openssl-0.9.8j-0.97.1 SUSE Linux Enterprise Server 11-SP2-LTSS (src): openssl-0.9.8j-0.97.1 SUSE Linux Enterprise Debuginfo 11-SP4 (src): openssl-0.9.8j-0.97.1 SUSE Linux Enterprise Debuginfo 11-SP3 (src): openssl-0.9.8j-0.97.1 SUSE Linux Enterprise Debuginfo 11-SP2 (src): openssl-0.9.8j-0.97.1
SUSE-SU-2016:1360-1: An update that solves 5 vulnerabilities and has two fixes is now available. Category: security (important) Bug References: 968050,973223,976942,976943,977614,977615,977617 CVE References: CVE-2016-0702,CVE-2016-2105,CVE-2016-2106,CVE-2016-2108,CVE-2016-2109 Sources used: SUSE Linux Enterprise Server 10 SP4 LTSS (src): openssl-0.9.8a-18.96.1
released
openSUSE-SU-2016:1566-1: An update that fixes 5 vulnerabilities is now available. Category: security (important) Bug References: 968047,968048,968050,977614,977616 CVE References: CVE-2016-0702,CVE-2016-0705,CVE-2016-0797,CVE-2016-2105,CVE-2016-2107 Sources used: openSUSE Leap 42.1 (src): nodejs-4.4.5-27.1 openSUSE 13.2 (src): nodejs-4.4.5-18.1
openSUSE-SU-2017:1211-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 1019334,968050 CVE References: CVE-2016-0702,CVE-2016-7056 Sources used: openSUSE Leap 42.2 (src): libressl-2.5.3-5.3.1
openSUSE-SU-2017:1212-1: An update that fixes two vulnerabilities is now available. Category: security (moderate) Bug References: 1019334,968050 CVE References: CVE-2016-0702,CVE-2016-7056 Sources used: openSUSE Leap 42.1 (src): libressl-2.5.3-13.1
SUSE-FU-2022:0445-1: An update that solves 183 vulnerabilities, contains 21 features and has 299 fixes is now available. Category: feature (moderate) Bug References: 1000080,1000117,1000194,1000677,1000742,1001148,1001912,1002585,1002895,1003091,1005246,1009528,1010874,1010966,1011936,1015549,1019637,1021641,1022085,1022086,1022271,1027079,1027610,1027688,1027705,1027908,1028281,1028723,1029523,1029902,1030038,1032118,1032119,1035604,1039469,1040164,1040256,1041090,1042392,1042670,1044095,1044107,1044175,1049186,1049304,1050653,1050665,1055478,1055542,1055825,1056058,1056951,1057496,1062237,1065363,1066242,1066873,1068790,1070737,1070738,1070853,1071905,1071906,1071941,1073310,1073845,1073879,1074247,1076519,1077096,1077230,1078329,1079761,1080301,1081005,1081750,1081751,1082155,1082163,1082318,1083826,1084117,1084157,1085276,1085529,1085661,1087102,1087104,1088573,1089039,1090427,1090765,1090953,1093518,1093917,1094788,1094814,1094883,1095267,1096738,1096937,1097158,1097531,1097624,1098535,1098592,1099308,1099569,1100078,1101246,1101470,1102868,1104789,1106197,1108508,1109882,1109998,1110435,1110869,1110871,1111493,1111622,1111657,1112209,1112357,1113534,1113652,1113742,1113975,1115769,1117951,1118611,1119376,1119416,1119792,1121717,1121852,1122191,1123064,1123185,1123186,1123558,1124885,1125815,1126283,1126318,1127080,1127173,1128146,1128323,1128355,1129071,1129566,1130840,1131291,1132174,1132323,1132455,1132663,1132900,1135009,1136444,1138666,1138715,1138746,1139915,1140255,1141168,1142899,1143033,1143454,1143893,1144506,1149686,1149792,1150003,1150190,1150250,1150895,1153830,1155815,1156677,1156694,1156908,1157104,1157354,1158809,1159235,1159538,1160163,1161557,1161770,1162224,1162367,1162743,1163978,1164310,1165439,1165578,1165730,1165823,1165960,1166139,1166758,1167008,1167501,1167732,1167746,1168480,1168973,1169489,1170175,1170863,1171368,1171561,1172226,1172908,1172928,1173226,1173356,1174009,1174091,1174514,1175729,1176116,1176129,1176134,1176232,1176256,1176257,1176258,1176259,1176262,1176389,1176785,1176977,1177120,1177127,1177559,1178168,1178341,1178670,1179491,1179562,1179630,1179805,1180125,1180781,1181126,1181324,1181944,1182066,1182211,1182244,1182264,1182331,1182333,1182379,1182963,1183059,1183374,1183858,1184505,1185588,1185706,1185748,1186738,1187045,1189521,1190781,1193357,356549,381844,394317,408865,428177,430141,431945,437293,442740,459468,489641,504687,509031,526319,590833,610223,610642,629905,637176,651003,657698,658604,670526,673071,693027,715423,720601,743787,747125,748738,749210,749213,749735,750618,751718,751946,751977,754447,754677,761500,774710,784670,784994,787526,793420,799119,802184,803004,809831,811890,822642,825221,828513,831629,832833,834601,835687,839107,84331,849377,855666,855676,856687,857203,857850,858239,867887,869945,871152,872299,873351,876282,876710,876712,876748,880891,885662,885882,889013,889363,892477,892480,895129,898917,901223,901277,901902,902364,906878,907584,908362,908372,912014,912015,912018,912292,912293,912294,912296,912460,913229,915479,917607,917759,917815,919648,920236,922448,922488,922496,922499,922500,926597,929678,929736,930189,931698,931978,933898,933911,934487,934489,934491,934493,935856,937085,937212,937492,937634,937912,939456,940608,942385,942751,943421,944204,945455,946648,947104,947357,947679,948198,952871,954256,954486,954690,957812,957813,957815,958501,961334,962291,963415,963974,964204,964472,964474,965830,967128,968046,968047,968048,968050,968265,968270,968374,968601,975875,976942,977584,977614,977615,977616,977663,978224,981848,982268,982575,983249,984323,985054,988086,990207,990392,990419,990428,991193,991877,992120,992988,992989,992992,993130,993819,993825,993968,994749,994844,994910,995075,995324,995359,995377,995959,996255,997043,997614,998190,999665,999666,999668 CVE References: CVE-2006-2937,CVE-2006-2940,CVE-2006-3738,CVE-2006-4339,CVE-2006-4343,CVE-2006-7250,CVE-2007-3108,CVE-2007-4995,CVE-2007-5135,CVE-2008-0891,CVE-2008-1672,CVE-2008-5077,CVE-2009-0590,CVE-2009-0591,CVE-2009-0789,CVE-2009-1377,CVE-2009-1378,CVE-2009-1379,CVE-2009-1386,CVE-2009-1387,CVE-2010-0740,CVE-2010-0742,CVE-2010-1633,CVE-2010-2939,CVE-2010-3864,CVE-2010-5298,CVE-2011-0014,CVE-2011-3207,CVE-2011-3210,CVE-2011-3389,CVE-2011-4108,CVE-2011-4576,CVE-2011-4577,CVE-2011-4619,CVE-2011-4944,CVE-2012-0027,CVE-2012-0050,CVE-2012-0845,CVE-2012-0884,CVE-2012-1150,CVE-2012-1165,CVE-2012-2110,CVE-2012-2686,CVE-2012-4929,CVE-2013-0166,CVE-2013-0169,CVE-2013-1752,CVE-2013-4238,CVE-2013-4314,CVE-2013-4353,CVE-2013-6449,CVE-2013-6450,CVE-2014-0012,CVE-2014-0076,CVE-2014-0160,CVE-2014-0195,CVE-2014-0198,CVE-2014-0221,CVE-2014-0224,CVE-2014-1829,CVE-2014-1830,CVE-2014-2667,CVE-2014-3470,CVE-2014-3505,CVE-2014-3506,CVE-2014-3507,CVE-2014-3508,CVE-2014-3509,CVE-2014-3510,CVE-2014-3511,CVE-2014-3512,CVE-2014-3513,CVE-2014-3566,CVE-2014-3567,CVE-2014-3568,CVE-2014-3570,CVE-2014-3571,CVE-2014-3572,CVE-2014-4650,CVE-2014-5139,CVE-2014-7202,CVE-2014-7203,CVE-2014-8275,CVE-2014-9721,CVE-2015-0204,CVE-2015-0205,CVE-2015-0206,CVE-2015-0209,CVE-2015-0286,CVE-2015-0287,CVE-2015-0288,CVE-2015-0289,CVE-2015-0293,CVE-2015-1788,CVE-2015-1789,CVE-2015-1790,CVE-2015-1791,CVE-2015-1792,CVE-2015-2296,CVE-2015-3194,CVE-2015-3195,CVE-2015-3196,CVE-2015-3197,CVE-2015-3216,CVE-2015-4000,CVE-2016-0702,CVE-2016-0705,CVE-2016-0797,CVE-2016-0798,CVE-2016-0799,CVE-2016-0800,CVE-2016-10745,CVE-2016-2105,CVE-2016-2106,CVE-2016-2107,CVE-2016-2109,CVE-2016-2176,CVE-2016-2177,CVE-2016-2178,CVE-2016-2179,CVE-2016-2180,CVE-2016-2181,CVE-2016-2182,CVE-2016-2183,CVE-2016-6302,CVE-2016-6303,CVE-2016-6304,CVE-2016-6306,CVE-2016-7052,CVE-2016-7055,CVE-2016-9015,CVE-2017-18342,CVE-2017-3731,CVE-2017-3732,CVE-2017-3735,CVE-2017-3736,CVE-2017-3737,CVE-2017-3738,CVE-2018-0732,CVE-2018-0734,CVE-2018-0737,CVE-2018-0739,CVE-2018-18074,CVE-2018-20060,CVE-2018-5407,CVE-2018-7750,CVE-2019-10906,CVE-2019-11236,CVE-2019-11324,CVE-2019-13132,CVE-2019-1547,CVE-2019-1551,CVE-2019-1559,CVE-2019-1563,CVE-2019-20907,CVE-2019-20916,CVE-2019-5010,CVE-2019-6250,CVE-2019-8341,CVE-2019-9740,CVE-2019-9947,CVE-2020-14343,CVE-2020-15166,CVE-2020-15523,CVE-2020-15801,CVE-2020-1747,CVE-2020-1971,CVE-2020-25659,CVE-2020-26137,CVE-2020-27783,CVE-2020-28493,CVE-2020-29651,CVE-2020-36242,CVE-2020-8492,CVE-2021-23336,CVE-2021-23840,CVE-2021-23841,CVE-2021-28957,CVE-2021-29921,CVE-2021-3177,CVE-2021-33503,CVE-2021-3426,CVE-2021-3712 JIRA References: ECO-3105,SLE-11435,SLE-12684,SLE-12986,SLE-13688,SLE-14253,SLE-15159,SLE-15860,SLE-15861,SLE-16754,SLE-17532,SLE-17957,SLE-18260,SLE-18354,SLE-18446,SLE-19264,SLE-3887,SLE-4480,SLE-4577,SLE-7686,SLE-9135 Sources used: SUSE Manager Tools 12-BETA (src): venv-salt-minion-3002.2-3.3.2 NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.