// For flags

CVE-2016-0702

OpenSSL: Side channel attack on modular exponentiation

Severity Score

5.1
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a "CacheBleed" attack.

La función MOD_EXP_CTIME_COPY_FROM_PREBUF en crypto/bn/bn_exp.c en OpenSSL 1.0.1 en versiones anteriores a 1.0.1s y 1.0.2 en versiones anteriores a 1.0.2g no considera correctamente las veces que se accede al cache-bank durante la exponenciación modular, lo que facilita a usuarios locales descubrir las claves RSA ejecutando una aplicación manipulada en el mismo núcleo de la CPU Intel Sandy Bridge como víctima y aprovechándose de los conflictos del cache-bank, también conocida como un ataque "CacheBleed".

A side-channel attack was found that makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture. An attacker who has the ability to control code in a thread running on the same hyper-threaded core as the victim's thread that is performing decryption, could use this flaw to recover RSA private keys.

An update that contains security fixes can now be installed. This update for openssl fixes various security issues. OpenSSL was vulnerable to a cross-protocol attack that could lead to decryption of TLS sessions by using a server supporting SSLv2 and EXPORT cipher suites as a Bleichenbacher RSA padding oracle. This update changes the openssl library to. Disable SSLv2 protocol support by default. This can be overridden by setting the environment variable "OPENSSL_ALLOW_SSL2" or by using SSL_CTX_clear_options using the SSL_OP_NO_SSLv2 flag. Note that various services and clients had already disabled SSL protocol 2 by default previously. Disable all weak EXPORT ciphers by default. These can be reenabled if required by old legacy software using the environment variable "OPENSSL_ALLOW_EXPORT".

*Credits: N/A
CVSS Scores
Attack Vector
Local
Attack Complexity
High
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None
Attack Vector
Local
Attack Complexity
Medium
Authentication
None
Confidentiality
Partial
Integrity
None
Availability
None
Attack Vector
Local
Attack Complexity
High
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2015-12-16 CVE Reserved
  • 2016-03-01 CVE Published
  • 2023-11-09 First Exploit
  • 2024-08-05 CVE Updated
  • 2025-07-04 EPSS Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor
CAPEC
References (47)
URL Tag Source
http://cachebleed.info Broken Link
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10759 Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html Third Party Advisory
http://www.securitytracker.com/id/1035133 Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-412672.pdf
https://git.openssl.org/?p=openssl.git%3Ba=commit%3Bh=708dc2f1291e104fe4eef810bb8ffc1fae5b19c1
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03741en_us Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05052990 Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05376917 Third Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05390722 Third Party Advisory
https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA40168 Third Party Advisory
https://www.openssl.org/news/secadv/20160301.txt Third Party Advisory
URL Date SRC
https://github.com/Trinadh465/OpenSSL-1_0_1g_CVE-2016-0702 2023-11-09
URL Date SRC
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html 2023-11-07
URL Date SRC
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178358.html 2023-11-07
http://lists.fedoraproject.org/pipermail/package-announce/2016-March/178817.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00001.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00002.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00003.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00004.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00005.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00006.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00007.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00009.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00010.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00012.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00025.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00038.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00015.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00017.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00018.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00029.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00030.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00036.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00055.html 2023-11-07
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00019.html 2023-11-07
http://marc.info/?l=bugtraq&m=145889460330120&w=2 2023-11-07
http://openssl.org/news/secadv/20160301.txt 2023-11-07
http://rhn.redhat.com/errata/RHSA-2016-2957.html 2023-11-07
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160302-openssl 2023-11-07
http://www.debian.org/security/2016/dsa-3500 2023-11-07
http://www.ubuntu.com/usn/USN-2914-1 2023-11-07
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:12.openssl.asc 2023-11-07
https://security.gentoo.org/glsa/201603-15 2023-11-07
https://access.redhat.com/security/cve/CVE-2016-0702 2016-12-15
https://bugzilla.redhat.com/show_bug.cgi?id=1310599 2016-12-15
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1
Search vendor "Openssl" for product "Openssl" and version "1.0.1"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1
Search vendor "Openssl" for product "Openssl" and version "1.0.1"
beta1
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1
Search vendor "Openssl" for product "Openssl" and version "1.0.1"
beta2
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1
Search vendor "Openssl" for product "Openssl" and version "1.0.1"
beta3
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1a
Search vendor "Openssl" for product "Openssl" and version "1.0.1a"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1b
Search vendor "Openssl" for product "Openssl" and version "1.0.1b"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1c
Search vendor "Openssl" for product "Openssl" and version "1.0.1c"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1d
Search vendor "Openssl" for product "Openssl" and version "1.0.1d"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1e
Search vendor "Openssl" for product "Openssl" and version "1.0.1e"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1f
Search vendor "Openssl" for product "Openssl" and version "1.0.1f"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1g
Search vendor "Openssl" for product "Openssl" and version "1.0.1g"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1h
Search vendor "Openssl" for product "Openssl" and version "1.0.1h"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1i
Search vendor "Openssl" for product "Openssl" and version "1.0.1i"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1j
Search vendor "Openssl" for product "Openssl" and version "1.0.1j"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1k
Search vendor "Openssl" for product "Openssl" and version "1.0.1k"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1l
Search vendor "Openssl" for product "Openssl" and version "1.0.1l"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1m
Search vendor "Openssl" for product "Openssl" and version "1.0.1m"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1n
Search vendor "Openssl" for product "Openssl" and version "1.0.1n"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1o
Search vendor "Openssl" for product "Openssl" and version "1.0.1o"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1p
Search vendor "Openssl" for product "Openssl" and version "1.0.1p"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1q
Search vendor "Openssl" for product "Openssl" and version "1.0.1q"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.1r
Search vendor "Openssl" for product "Openssl" and version "1.0.1r"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.2
Search vendor "Openssl" for product "Openssl" and version "1.0.2"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.2
Search vendor "Openssl" for product "Openssl" and version "1.0.2"
beta1
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.2
Search vendor "Openssl" for product "Openssl" and version "1.0.2"
beta2
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.2
Search vendor "Openssl" for product "Openssl" and version "1.0.2"
beta3
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.2a
Search vendor "Openssl" for product "Openssl" and version "1.0.2a"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.2b
Search vendor "Openssl" for product "Openssl" and version "1.0.2b"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.2c
Search vendor "Openssl" for product "Openssl" and version "1.0.2c"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.2d
Search vendor "Openssl" for product "Openssl" and version "1.0.2d"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.2e
Search vendor "Openssl" for product "Openssl" and version "1.0.2e"
-
Affected
Openssl
Search vendor "Openssl"
 Openssl
Search vendor "Openssl" for product "Openssl"
 1.0.2f
Search vendor "Openssl" for product "Openssl" and version "1.0.2f"
-
Affected
Nodejs
Search vendor "Nodejs"
 Node.js
Search vendor "Nodejs" for product "Node.js"
 >= 4.0.0 <= 4.1.2
Search vendor "Nodejs" for product "Node.js" and version " >= 4.0.0 <= 4.1.2"
-
Affected
Nodejs
Search vendor "Nodejs"
 Node.js
Search vendor "Nodejs" for product "Node.js"
 >= 4.2.0 < 4.3.2
Search vendor "Nodejs" for product "Node.js" and version " >= 4.2.0 < 4.3.2"
lts
Affected
Nodejs
Search vendor "Nodejs"
 Node.js
Search vendor "Nodejs" for product "Node.js"
 >= 5.0.0 < 5.7.1
Search vendor "Nodejs" for product "Node.js" and version " >= 5.0.0 < 5.7.1"
-
Affected
Debian
Search vendor "Debian"
 Debian Linux
Search vendor "Debian" for product "Debian Linux"
 7.0
Search vendor "Debian" for product "Debian Linux" and version "7.0"
-
Affected
Debian
Search vendor "Debian"
 Debian Linux
Search vendor "Debian" for product "Debian Linux"
 8.0
Search vendor "Debian" for product "Debian Linux" and version "8.0"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 12.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "12.04"
-
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 14.04
Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04"
esm
Affected
Canonical
Search vendor "Canonical"
 Ubuntu Linux
Search vendor "Canonical" for product "Ubuntu Linux"
 15.10
Search vendor "Canonical" for product "Ubuntu Linux" and version "15.10"
-
Affected