#VU13370 Memory-cache side-channel attack in Libgcrypt - CVE-2018-0495
Vulnerability identifier: #VU13370
Vulnerability risk: Low
CVSSv4.0: 1.9 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]
CVE-ID:
CWE-ID:
CWE-200
Exploitation vector: Local
Exploit availability: Yes
Vulnerable software:
Libgcrypt
Client/Desktop applications /
Encryption software
Vendor: GNU
Description
The vulnerability allows a local attacker to obtain potentially sensitive information.
The vulnerability exists due to a leakage of information through memory caches when the affected library uses a private key to create Elliptic Curve Digital Signature Algorithm (ECDSA) signatures. A local attacker can conduct a memory-cache side-channel attack on ECDSA signatures and recover sensitive information, such as ECDSA private keys, which could be used to conduct further attacks.
Note: The vulnerability is known as the "Return Of the Hidden Number Problem" or ROHNP.
Mitigation
Update to version 1.7.10, 1.8.3.
Vulnerable software versions
Libgcrypt: 1.5.0 - 1.8.2
External links
http://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000426.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
