CVE-2018-0735
Timing attack against ECDSA signature generation
Severity Score
5.9
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).
Se ha demostrado que el algoritmo de firmas ECDSA en OpenSSL es vulnerable a un ataque de sincronización de canal lateral. Un atacante podrÃa emplear variaciones en el algoritmo de firma para recuperar la clave privada. Se ha solucionado en OpenSSL 1.1.0j (afecta a 1.1.0-1.1.0i). Se ha solucionado en OpenSSL 1.1.1a (afecta a 1.1.1).
Samuel Weiser discovered that OpenSSL incorrectly handled DSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private DSA keys. Samuel Weiser discovered that OpenSSL incorrectly handled ECDSA signing. An attacker could possibly use this issue to perform a timing side-channel attack and recover private ECDSA keys. This issue only affected Ubuntu 18.04 LTS and Ubuntu 18.10. Various other issues were also addressed.
*Credits:
Samuel Weiser
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2017-11-30 CVE Reserved
- 2018-10-29 CVE Published
- 2024-09-16 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-327: Use of a Broken or Risky Cryptographic Algorithm
- CWE-385: Covert Timing Channel
CAPEC
References (17)
| URL | Tag | Source |
|---|---|---|
| http://www.securityfocus.com/bid/105750 | Third Party Advisory | |
| http://www.securitytracker.com/id/1041986 | Third Party Advisory | |
| https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=56fb454d281a023b3f950d969693553d3f3ceea1 | X_refsource_confirm | |
| https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=b1d6d55ece1c26fa2829e2b819b038d7b6d692b4 | X_refsource_confirm | |
| https://lists.debian.org/debian-lts-announce/2018/11/msg00024.html | Mailing List |
|
| https://nodejs.org/en/blog/vulnerability/november-2018-security-releases | Third Party Advisory | |
| https://security.netapp.com/advisory/ntap-20181105-0002 | Third Party Advisory |
|
| https://www.oracle.com/security-alerts/cpujan2020.html | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://access.redhat.com/errata/RHSA-2019:3700 | 2023-11-07 | |
| https://usn.ubuntu.com/3840-1 | 2023-11-07 | |
| https://www.debian.org/security/2018/dsa-4348 | 2023-11-07 | |
| https://www.openssl.org/news/secadv/20181029.txt | 2023-11-07 | |
| https://access.redhat.com/security/cve/CVE-2018-0735 | 2019-11-05 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1644356 | 2019-11-05 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Netapp Search vendor "Netapp" | Cn1610 Firmware Search vendor "Netapp" for product "Cn1610 Firmware" | - | - |
Affected
| in | Netapp Search vendor "Netapp" | Cn1610 Search vendor "Netapp" for product "Cn1610" | - | - |
Safe
|
| Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | >= 1.1.0 <= 1.1.0i Search vendor "Openssl" for product "Openssl" and version " >= 1.1.0 <= 1.1.0i" | - |
Affected
| ||||||
| Openssl Search vendor "Openssl" | Openssl Search vendor "Openssl" for product "Openssl" | 1.1.1 Search vendor "Openssl" for product "Openssl" and version "1.1.1" | - |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 14.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "14.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 16.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "16.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.04 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.04" | lts |
Affected
| ||||||
| Canonical Search vendor "Canonical" | Ubuntu Linux Search vendor "Canonical" for product "Ubuntu Linux" | 18.10 Search vendor "Canonical" for product "Ubuntu Linux" and version "18.10" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
| Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
| Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 10.0.0 < 10.12.0 Search vendor "Nodejs" for product "Node.js" and version " >= 10.0.0 < 10.12.0" | - |
Affected
| ||||||
| Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | >= 11.0.0 < 11.3.0 Search vendor "Nodejs" for product "Node.js" and version " >= 11.0.0 < 11.3.0" | - |
Affected
| ||||||
| Nodejs Search vendor "Nodejs" | Node.js Search vendor "Nodejs" for product "Node.js" | 10.13.0 Search vendor "Nodejs" for product "Node.js" and version "10.13.0" | lts |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Cloud Backup Search vendor "Netapp" for product "Cloud Backup" | - | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Element Software Search vendor "Netapp" for product "Element Software" | - | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Oncommand Unified Manager Search vendor "Netapp" for product "Oncommand Unified Manager" | * | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Oncommand Unified Manager Search vendor "Netapp" for product "Oncommand Unified Manager" | >= 9.4 Search vendor "Netapp" for product "Oncommand Unified Manager" and version " >= 9.4" | vsphere |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Santricity Smi-s Provider Search vendor "Netapp" for product "Santricity Smi-s Provider" | - | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Smi-s Provider Search vendor "Netapp" for product "Smi-s Provider" | - | - |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Snapdrive Search vendor "Netapp" for product "Snapdrive" | - | unix |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Snapdrive Search vendor "Netapp" for product "Snapdrive" | - | windows |
Affected
| ||||||
| Netapp Search vendor "Netapp" | Steelstore Search vendor "Netapp" for product "Steelstore" | - | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Api Gateway Search vendor "Oracle" for product "Api Gateway" | 11.1.2.4.0 Search vendor "Oracle" for product "Api Gateway" and version "11.1.2.4.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Application Server Search vendor "Oracle" for product "Application Server" | 0.9.8 Search vendor "Oracle" for product "Application Server" and version "0.9.8" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Application Server Search vendor "Oracle" for product "Application Server" | 1.0.0 Search vendor "Oracle" for product "Application Server" and version "1.0.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Application Server Search vendor "Oracle" for product "Application Server" | 1.0.1 Search vendor "Oracle" for product "Application Server" and version "1.0.1" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Enterprise Manager Base Platform Search vendor "Oracle" for product "Enterprise Manager Base Platform" | 12.1.0.5.0 Search vendor "Oracle" for product "Enterprise Manager Base Platform" and version "12.1.0.5.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Enterprise Manager Base Platform Search vendor "Oracle" for product "Enterprise Manager Base Platform" | 13.2.0.0.0 Search vendor "Oracle" for product "Enterprise Manager Base Platform" and version "13.2.0.0.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Enterprise Manager Base Platform Search vendor "Oracle" for product "Enterprise Manager Base Platform" | 13.3.0.0.0 Search vendor "Oracle" for product "Enterprise Manager Base Platform" and version "13.3.0.0.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Enterprise Manager Ops Center Search vendor "Oracle" for product "Enterprise Manager Ops Center" | 12.3.3 Search vendor "Oracle" for product "Enterprise Manager Ops Center" and version "12.3.3" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Mysql Search vendor "Oracle" for product "Mysql" | <= 5.6.42 Search vendor "Oracle" for product "Mysql" and version " <= 5.6.42" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Mysql Search vendor "Oracle" for product "Mysql" | >= 5.7.0 <= 5.7.24 Search vendor "Oracle" for product "Mysql" and version " >= 5.7.0 <= 5.7.24" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Mysql Search vendor "Oracle" for product "Mysql" | >= 8.0.0 <= 8.0.13 Search vendor "Oracle" for product "Mysql" and version " >= 8.0.0 <= 8.0.13" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Peoplesoft Enterprise Peopletools Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools" | 8.55 Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools" and version "8.55" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Peoplesoft Enterprise Peopletools Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools" | 8.56 Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools" and version "8.56" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Peoplesoft Enterprise Peopletools Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools" | 8.57 Search vendor "Oracle" for product "Peoplesoft Enterprise Peopletools" and version "8.57" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Primavera P6 Enterprise Project Portfolio Management Search vendor "Oracle" for product "Primavera P6 Enterprise Project Portfolio Management" | >= 17.7 <= 17.12 Search vendor "Oracle" for product "Primavera P6 Enterprise Project Portfolio Management" and version " >= 17.7 <= 17.12" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Primavera P6 Enterprise Project Portfolio Management Search vendor "Oracle" for product "Primavera P6 Enterprise Project Portfolio Management" | 8.4 Search vendor "Oracle" for product "Primavera P6 Enterprise Project Portfolio Management" and version "8.4" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Primavera P6 Enterprise Project Portfolio Management Search vendor "Oracle" for product "Primavera P6 Enterprise Project Portfolio Management" | 15.1 Search vendor "Oracle" for product "Primavera P6 Enterprise Project Portfolio Management" and version "15.1" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Primavera P6 Enterprise Project Portfolio Management Search vendor "Oracle" for product "Primavera P6 Enterprise Project Portfolio Management" | 15.2 Search vendor "Oracle" for product "Primavera P6 Enterprise Project Portfolio Management" and version "15.2" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Primavera P6 Enterprise Project Portfolio Management Search vendor "Oracle" for product "Primavera P6 Enterprise Project Portfolio Management" | 16.1 Search vendor "Oracle" for product "Primavera P6 Enterprise Project Portfolio Management" and version "16.1" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Primavera P6 Enterprise Project Portfolio Management Search vendor "Oracle" for product "Primavera P6 Enterprise Project Portfolio Management" | 16.2 Search vendor "Oracle" for product "Primavera P6 Enterprise Project Portfolio Management" and version "16.2" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Primavera P6 Enterprise Project Portfolio Management Search vendor "Oracle" for product "Primavera P6 Enterprise Project Portfolio Management" | 18.8 Search vendor "Oracle" for product "Primavera P6 Enterprise Project Portfolio Management" and version "18.8" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Secure Global Desktop Search vendor "Oracle" for product "Secure Global Desktop" | 5.4 Search vendor "Oracle" for product "Secure Global Desktop" and version "5.4" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Tuxedo Search vendor "Oracle" for product "Tuxedo" | 12.1.1.0.0 Search vendor "Oracle" for product "Tuxedo" and version "12.1.1.0.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Vm Virtualbox Search vendor "Oracle" for product "Vm Virtualbox" | < 6.0.0 Search vendor "Oracle" for product "Vm Virtualbox" and version " < 6.0.0" | - |
Affected
| ||||||
| Oracle Search vendor "Oracle" | Vm Virtualbox Search vendor "Oracle" for product "Vm Virtualbox" | >= 5.0.0 < 5.2.24 Search vendor "Oracle" for product "Vm Virtualbox" and version " >= 5.0.0 < 5.2.24" | - |
Affected
| ||||||