fkie_cve-2014-0076
Vulnerability from fkie_nvd
Published
2014-03-25 13:25
Modified
2025-04-12 10:46
Severity ?
Summary
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.
References
secalert@redhat.comhttp://advisories.mageia.org/MGASA-2014-0165.html
secalert@redhat.comhttp://eprint.iacr.org/2014/140
secalert@redhat.comhttp://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2198be3483259de374f91e57d247d0fc667aef29
secalert@redhat.comhttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
secalert@redhat.comhttp://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=140266410314613&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=140266410314613&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=140317760000786&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=140389274407904&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=140389355508263&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=140448122410568&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=140482916501310&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=140621259019789&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=140752315422991&w=2
secalert@redhat.comhttp://marc.info/?l=bugtraq&m=140904544427729&w=2
secalert@redhat.comhttp://secunia.com/advisories/58492
secalert@redhat.comhttp://secunia.com/advisories/58727
secalert@redhat.comhttp://secunia.com/advisories/58939
secalert@redhat.comhttp://secunia.com/advisories/59040
secalert@redhat.comhttp://secunia.com/advisories/59162
secalert@redhat.comhttp://secunia.com/advisories/59175
secalert@redhat.comhttp://secunia.com/advisories/59264
secalert@redhat.comhttp://secunia.com/advisories/59300
secalert@redhat.comhttp://secunia.com/advisories/59364
secalert@redhat.comhttp://secunia.com/advisories/59374
secalert@redhat.comhttp://secunia.com/advisories/59413
secalert@redhat.comhttp://secunia.com/advisories/59438
secalert@redhat.comhttp://secunia.com/advisories/59445
secalert@redhat.comhttp://secunia.com/advisories/59450
secalert@redhat.comhttp://secunia.com/advisories/59454
secalert@redhat.comhttp://secunia.com/advisories/59490
secalert@redhat.comhttp://secunia.com/advisories/59495
secalert@redhat.comhttp://secunia.com/advisories/59514
secalert@redhat.comhttp://secunia.com/advisories/59655
secalert@redhat.comhttp://secunia.com/advisories/59721
secalert@redhat.comhttp://secunia.com/advisories/60571
secalert@redhat.comhttp://support.apple.com/kb/HT6443
secalert@redhat.comhttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=isg400001841
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=isg400001843
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21673137
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21676035
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21676062
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21676092
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21676419
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21676424
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21676501
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21676655
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21677695
secalert@redhat.comhttp://www-01.ibm.com/support/docview.wss?uid=swg21677828
secalert@redhat.comhttp://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2014:067
secalert@redhat.comhttp://www.mandriva.com/security/advisories?name=MDVSA-2015:062
secalert@redhat.comhttp://www.novell.com/support/kb/doc.php?id=7015264
secalert@redhat.comhttp://www.novell.com/support/kb/doc.php?id=7015300
secalert@redhat.comhttp://www.openssl.org/news/secadv_20140605.txt
secalert@redhat.comhttp://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
secalert@redhat.comhttp://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
secalert@redhat.comhttp://www.securityfocus.com/bid/66363
secalert@redhat.comhttp://www.ubuntu.com/usn/USN-2165-1
secalert@redhat.comhttps://bugs.gentoo.org/show_bug.cgi?id=505278
secalert@redhat.comhttps://bugzilla.novell.com/show_bug.cgi?id=869945
secalert@redhat.comhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946
secalert@redhat.comhttps://kc.mcafee.com/corporate/index?page=content&id=SB10075
af854a3a-2127-422b-91ae-364da2661108http://advisories.mageia.org/MGASA-2014-0165.html
af854a3a-2127-422b-91ae-364da2661108http://eprint.iacr.org/2014/140
af854a3a-2127-422b-91ae-364da2661108http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2198be3483259de374f91e57d247d0fc667aef29
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10629
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140266410314613&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140266410314613&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140317760000786&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140389274407904&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140389355508263&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140448122410568&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140482916501310&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140621259019789&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140752315422991&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=140904544427729&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58492
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58727
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/58939
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59040
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59162
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59175
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59264
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59300
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59364
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59374
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59413
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59438
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59445
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59450
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59454
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59490
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59495
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59514
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59655
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/59721
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/60571
af854a3a-2127-422b-91ae-364da2661108http://support.apple.com/kb/HT6443
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=isg400001841
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=isg400001843
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21673137
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21676035
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21676062
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21676092
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21676419
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21676424
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21676501
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21676655
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21677695
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=swg21677828
af854a3a-2127-422b-91ae-364da2661108http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2014:067
af854a3a-2127-422b-91ae-364da2661108http://www.mandriva.com/security/advisories?name=MDVSA-2015:062
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/support/kb/doc.php?id=7015264
af854a3a-2127-422b-91ae-364da2661108http://www.novell.com/support/kb/doc.php?id=7015300
af854a3a-2127-422b-91ae-364da2661108http://www.openssl.org/news/secadv_20140605.txt
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/66363
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-2165-1
af854a3a-2127-422b-91ae-364da2661108https://bugs.gentoo.org/show_bug.cgi?id=505278
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.novell.com/show_bug.cgi?id=869945
af854a3a-2127-422b-91ae-364da2661108https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946
af854a3a-2127-422b-91ae-364da2661108https://kc.mcafee.com/corporate/index?page=content&id=SB10075
Impacted products
Vendor Product Version
openssl openssl *
openssl openssl 0.9.1c
openssl openssl 0.9.2b
openssl openssl 0.9.3
openssl openssl 0.9.3a
openssl openssl 0.9.4
openssl openssl 0.9.5
openssl openssl 0.9.5
openssl openssl 0.9.5
openssl openssl 0.9.5a
openssl openssl 0.9.5a
openssl openssl 0.9.5a
openssl openssl 0.9.6
openssl openssl 0.9.6
openssl openssl 0.9.6
openssl openssl 0.9.6
openssl openssl 0.9.6a
openssl openssl 0.9.6a
openssl openssl 0.9.6a
openssl openssl 0.9.6a
openssl openssl 0.9.6b
openssl openssl 0.9.6c
openssl openssl 0.9.6d
openssl openssl 0.9.6e
openssl openssl 0.9.6f
openssl openssl 0.9.6g
openssl openssl 0.9.6h
openssl openssl 0.9.6i
openssl openssl 0.9.6j
openssl openssl 0.9.6k
openssl openssl 0.9.6l
openssl openssl 0.9.6m
openssl openssl 0.9.7
openssl openssl 0.9.7
openssl openssl 0.9.7
openssl openssl 0.9.7
openssl openssl 0.9.7
openssl openssl 0.9.7
openssl openssl 0.9.7
openssl openssl 0.9.7a
openssl openssl 0.9.7b
openssl openssl 0.9.7c
openssl openssl 0.9.7d
openssl openssl 0.9.7e
openssl openssl 0.9.7f
openssl openssl 0.9.7g
openssl openssl 0.9.7h
openssl openssl 0.9.7i
openssl openssl 0.9.7j
openssl openssl 0.9.7k
openssl openssl 0.9.7l
openssl openssl 0.9.7m
openssl openssl 0.9.8
openssl openssl 0.9.8a
openssl openssl 0.9.8b
openssl openssl 0.9.8c
openssl openssl 0.9.8d
openssl openssl 0.9.8e
openssl openssl 0.9.8f
openssl openssl 0.9.8g
openssl openssl 0.9.8h
openssl openssl 0.9.8i
openssl openssl 0.9.8j
openssl openssl 0.9.8k
openssl openssl 0.9.8l
openssl openssl 0.9.8m
openssl openssl 0.9.8m
openssl openssl 0.9.8n
openssl openssl 0.9.8o
openssl openssl 0.9.8p
openssl openssl 0.9.8q
openssl openssl 0.9.8r
openssl openssl 0.9.8s
openssl openssl 0.9.8t
openssl openssl 0.9.8u
openssl openssl 0.9.8v
openssl openssl 0.9.8w
openssl openssl 0.9.8x
openssl openssl 0.9.8y
openssl openssl 1.0.0
openssl openssl 1.0.0
openssl openssl 1.0.0
openssl openssl 1.0.0
openssl openssl 1.0.0
openssl openssl 1.0.0
openssl openssl 1.0.0a
openssl openssl 1.0.0b
openssl openssl 1.0.0c
openssl openssl 1.0.0d
openssl openssl 1.0.0e
openssl openssl 1.0.0f
openssl openssl 1.0.0g
openssl openssl 1.0.0h
openssl openssl 1.0.0i
openssl openssl 1.0.0j
openssl openssl 1.0.0k


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7D44A548-D278-4BCF-930E-0354B0EDE5D8",
              "versionEndIncluding": "1.0.0l",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.1c:*:*:*:*:*:*:*",
              "matchCriteriaId": "14D983EC-61B0-4FD9-89B5-9878E4CE4405",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.2b:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5D7BE3C-8CA2-4FB2-B4AE-B201D88C2A9D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "BC4C5F05-BC0B-478D-9A6F-7C804777BA41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.3a:*:*:*:*:*:*:*",
              "matchCriteriaId": "27F417A1-5D97-4BC4-8B97-5AC40236DA21",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "8847BD34-BDE6-4AE9-96D9-75B9CF93A6A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "4EDB5A09-BE86-4352-9799-A875649EDB7D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.5:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "B6231CAA-00A8-41CE-8436-B84518014CF1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.5:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "A70AD93B-E876-4EAB-9970-752D42E15E99",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.5a:*:*:*:*:*:*:*",
              "matchCriteriaId": "F03FA9C0-24C7-46AC-92EC-7834BC34C79B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.5a:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "716ADA01-38B8-4C15-A3BB-D9688DA30599",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.5a:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "B73326F7-7DCE-4EDE-95D7-AE7AED263A14",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B5E4742C-A983-4F00-B24F-AB280C0E876D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "EA2D251C-9C45-4EFE-8262-E88AB7CE713A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "6D81E175-E698-40EF-9601-425893FFB1FC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "FA0F25B7-A172-4300-8718-112E817A6165",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6a:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A0628DF-3A4C-4078-B615-22260671EABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6a:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "52B1BE89-BAE0-4656-943B-B9B81D9B54B3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6a:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "D097222B-ED20-459C-9167-55751FA2C87A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6a:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "86DDC8F2-7920-4A73-927E-562C89806972",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6b:*:*:*:*:*:*:*",
              "matchCriteriaId": "962FCB86-15AD-4399-8B7D-EC1DEA919C59",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6c:*:*:*:*:*:*:*",
              "matchCriteriaId": "0FCA45CE-4127-47AD-BBA8-8A6DD83AE1C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6d:*:*:*:*:*:*:*",
              "matchCriteriaId": "7CA1CA40-7DB5-4DCA-97A8-9A8CF4FECECC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6e:*:*:*:*:*:*:*",
              "matchCriteriaId": "180D07AE-C571-4DD6-837C-43E2A946007A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6f:*:*:*:*:*:*:*",
              "matchCriteriaId": "BA3E4D2A-6488-4F8B-A3CA-4161A10FA4DB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6g:*:*:*:*:*:*:*",
              "matchCriteriaId": "90789533-C741-4B1C-A24B-2C77B9E4DE5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6h:*:*:*:*:*:*:*",
              "matchCriteriaId": "1520065B-46D7-48A4-B9D0-5B49F690C5B4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6i:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B76FE2D-FBE0-4A3B-A0EA-179332D74F0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6j:*:*:*:*:*:*:*",
              "matchCriteriaId": "2AA526B9-726A-49D5-B3CA-EBE2DA303CA0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6k:*:*:*:*:*:*:*",
              "matchCriteriaId": "494E48E7-EF86-4860-9A53-94F6C313746E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6l:*:*:*:*:*:*:*",
              "matchCriteriaId": "2636B92E-47D5-42EA-9585-A2B84FBE71CB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.6m:*:*:*:*:*:*:*",
              "matchCriteriaId": "72FE2F46-2D0C-4C90-AFBE-D2E7B496D6E4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "45A518E8-21BE-4C5C-B425-410AB1208E9C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "9E3AB748-E463-445C-ABAB-4FEDDFD1878B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "660E4B8D-AABA-4520-BC4D-CF8E76E07C05",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "85BFEED5-4941-41BB-93D1-CD5C2A41290E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "9644CC68-1E91-45E7-8C53-1E3FC9976A4E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta5:*:*:*:*:*:*",
              "matchCriteriaId": "9B1B98C4-1FFD-4A7C-AA86-A34BC6F7AB31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7:beta6:*:*:*:*:*:*",
              "matchCriteriaId": "73934717-2DA3-4614-A076-D6EDA5EB0626",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7a:*:*:*:*:*:*:*",
              "matchCriteriaId": "78E79A05-64F3-4397-952C-A5BB950C967D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7b:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F7C9E77-1EB2-4720-A8FD-23DC1C877D5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7c:*:*:*:*:*:*:*",
              "matchCriteriaId": "549BB01D-F322-4FE3-BDA2-4FEA8ED8568A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7d:*:*:*:*:*:*:*",
              "matchCriteriaId": "4DE6CBD6-D6DD-4BC5-93F6-FDEA70163336",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7e:*:*:*:*:*:*:*",
              "matchCriteriaId": "98693865-2E79-4BD6-9F89-1994BC9A3E73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7f:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6476506-EC37-4726-82DC-D0E8254A8CDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7g:*:*:*:*:*:*:*",
              "matchCriteriaId": "5D6ECEF7-CB16-4604-894B-6EB19F1CEF55",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7h:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C81EF3D-4DB7-4799-9670-8D79E28CA184",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7i:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8116A66-175C-4E6D-9A9B-D54C1D97D213",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7j:*:*:*:*:*:*:*",
              "matchCriteriaId": "382C1679-DA1D-4FA4-9D5E-B86CC5052D49",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7k:*:*:*:*:*:*:*",
              "matchCriteriaId": "1CA28812-8A24-4FE1-BED9-D6D5BB023645",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7l:*:*:*:*:*:*:*",
              "matchCriteriaId": "9894D83E-2A27-446E-8B47-9C03CF802A2B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.7m:*:*:*:*:*:*:*",
              "matchCriteriaId": "55A9AC4D-E19B-431F-8679-B62F5F46BCF7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A4E446D-B9D3-45F2-9722-B41FA14A6C31",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8a:*:*:*:*:*:*:*",
              "matchCriteriaId": "AF4EA988-FC80-4170-8933-7C6663731981",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8b:*:*:*:*:*:*:*",
              "matchCriteriaId": "64F8F53B-24A1-4877-B16E-F1917C4E4E81",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8c:*:*:*:*:*:*:*",
              "matchCriteriaId": "75D3ACD5-905F-42BB-BE1A-8382E9D823BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8d:*:*:*:*:*:*:*",
              "matchCriteriaId": "766EA6F2-7FA4-4713-9859-9971CCD2FDCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8e:*:*:*:*:*:*:*",
              "matchCriteriaId": "EFBC30B7-627D-48DC-8EF0-AE8FA0C6EDBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8f:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BB38AEA-BAF0-4920-9A71-747C24444770",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8g:*:*:*:*:*:*:*",
              "matchCriteriaId": "1F33EA2B-DE15-4695-A383-7A337AC38908",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8h:*:*:*:*:*:*:*",
              "matchCriteriaId": "261EE631-AB43-44FE-B02A-DFAAB8D35927",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8i:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA0E0BBF-D0BE-41A7-B9BB-C28F01000BC0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8j:*:*:*:*:*:*:*",
              "matchCriteriaId": "1A1365ED-4651-4AB2-A64B-43782EA2F0E8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8k:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC82690C-DCED-47BA-AA93-4D0C9E95B806",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8l:*:*:*:*:*:*:*",
              "matchCriteriaId": "43B90ED1-DAB4-4239-8AD8-87E8D568D5D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8m:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C9BF2DD-85EF-49CF-8D83-0DB46449E333",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8m:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "6AEBE689-3952-46F0-BACA-BB03041C6D36",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8n:*:*:*:*:*:*:*",
              "matchCriteriaId": "86C46AB8-52E5-4385-9C5C-F63FF9DB82AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8o:*:*:*:*:*:*:*",
              "matchCriteriaId": "564AA4E7-223E-48D8-B3E0-A461969CF530",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8p:*:*:*:*:*:*:*",
              "matchCriteriaId": "A82CFB41-BEA5-4B5F-BCAA-9BAED22EEAF0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8q:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C2AE06-B6E8-41C4-BB60-177AC4819CE6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8r:*:*:*:*:*:*:*",
              "matchCriteriaId": "EB15C1F3-0DE8-4A50-B17C-618ECA58AABF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8s:*:*:*:*:*:*:*",
              "matchCriteriaId": "45491BD3-7C62-4422-B7DA-CB2741890FBA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8t:*:*:*:*:*:*:*",
              "matchCriteriaId": "499E52F3-4B34-4C47-8ABF-292928EBAA5F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8u:*:*:*:*:*:*:*",
              "matchCriteriaId": "D530BE19-ADCF-4B5C-99E0-2B9A1DE7717F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8v:*:*:*:*:*:*:*",
              "matchCriteriaId": "A7540155-3629-4C76-9C67-8A8E0C1067F1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8w:*:*:*:*:*:*:*",
              "matchCriteriaId": "419BBCCD-6F8A-418A-BA02-56267B11D948",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8x:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A3A2AF8-C7DD-43D0-B03F-37E7EB735C1D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:0.9.8y:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC142ACF-3CBD-4F96-B2AA-C7D48E7CF31E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "2FBD8C92-6138-4274-ACBA-D7D42DAEC5AC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "3A2075BD-6102-4B0F-839A-836E9585F43B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "2A2FA09E-2BF7-4968-B62D-00DA57F81EA1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "F02E634E-1E3D-4E44-BADA-76F92483A732",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "FCC2B07A-49EF-411F-8A4D-89435E22B043",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0:beta5:*:*:*:*:*:*",
              "matchCriteriaId": "7E9480D6-3B6A-4C41-B8C1-C3F945040772",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0a:*:*:*:*:*:*:*",
              "matchCriteriaId": "10FF0A06-DA61-4250-B083-67E55E362677",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0b:*:*:*:*:*:*:*",
              "matchCriteriaId": "8A6BA453-C150-4159-B80B-5465EFF83F11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0c:*:*:*:*:*:*:*",
              "matchCriteriaId": "638A2E69-8AB6-4FEA-852A-FEF16A500C1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0d:*:*:*:*:*:*:*",
              "matchCriteriaId": "56C47D3A-B99D-401D-B6B8-1194B2DB4809",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0e:*:*:*:*:*:*:*",
              "matchCriteriaId": "08355B10-E004-4BE6-A5AE-4D428810580B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0f:*:*:*:*:*:*:*",
              "matchCriteriaId": "738BCFDC-1C49-4774-95AE-E099F707DEF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0g:*:*:*:*:*:*:*",
              "matchCriteriaId": "D4B242C0-D27D-4644-AD19-5ACB853C9DC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0h:*:*:*:*:*:*:*",
              "matchCriteriaId": "8DC683F2-4346-4E5E-A8D7-67B4F4D7827B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0i:*:*:*:*:*:*:*",
              "matchCriteriaId": "764B7D38-BC1B-47DB-B1DF-D092BDA4BFCB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0j:*:*:*:*:*:*:*",
              "matchCriteriaId": "6604E7BE-9F9B-444D-A63A-F65D1CFDF3BF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:openssl:openssl:1.0.0k:*:*:*:*:*:*:*",
              "matchCriteriaId": "132B9217-B0E0-4E3E-9096-162AA28E158E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack."
    },
    {
      "lang": "es",
      "value": "La implementaci\u00f3n de la escala Montgomery en OpenSSL hasta la versi\u00f3n 1.0.0l no asegura que ciertas operaciones de intercambio tengan un comportamiento constante en el tiempo, lo que facilita a usuarios locales obtener nonces ECDSA a trav\u00e9s de un ataque de cach\u00e9 de canal lateral FLUSH+RELOAD."
    }
  ],
  "id": "CVE-2014-0076",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "LOW",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "LOCAL",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 1.9,
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "NONE",
          "vectorString": "AV:L/AC:M/Au:N/C:P/I:N/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 3.4,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2014-03-25T13:25:21.977",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://advisories.mageia.org/MGASA-2014-0165.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://eprint.iacr.org/2014/140"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2198be3483259de374f91e57d247d0fc667aef29"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/58492"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/58727"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/58939"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59040"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59162"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59175"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59264"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59300"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59364"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59374"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59413"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59438"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59445"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59450"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59454"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59490"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59495"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59514"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59655"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/59721"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://secunia.com/advisories/60571"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://support.apple.com/kb/HT6443"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676424"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:067"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/support/kb/doc.php?id=7015264"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.novell.com/support/kb/doc.php?id=7015300"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openssl.org/news/secadv_20140605.txt"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securityfocus.com/bid/66363"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.ubuntu.com/usn/USN-2165-1"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugs.gentoo.org/show_bug.cgi?id=505278"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=869945"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://advisories.mageia.org/MGASA-2014-0165.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://eprint.iacr.org/2014/140"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://git.openssl.org/gitweb/?p=openssl.git%3Ba=commit%3Bh=2198be3483259de374f91e57d247d0fc667aef29"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10629"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-03/msg00011.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2014-04/msg00007.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=140266410314613\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=140317760000786\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=140389274407904\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=140389355508263\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=140448122410568\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=140482916501310\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=140621259019789\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=140752315422991\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=140904544427729\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58492"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58727"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/58939"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59040"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59162"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59175"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59264"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59364"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59374"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59413"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59438"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59445"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59450"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59454"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59490"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59495"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59514"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59655"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/59721"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/60571"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.apple.com/kb/HT6443"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001841"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg400001843"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21673137"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676035"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676092"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676419"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676424"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676501"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21676655"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677695"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=swg21677828"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-345106.htm"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2014:067"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:062"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/support/kb/doc.php?id=7015264"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.novell.com/support/kb/doc.php?id=7015300"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openssl.org/news/secadv_20140605.txt"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/bid/66363"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-2165-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugs.gentoo.org/show_bug.cgi?id=505278"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.novell.com/show_bug.cgi?id=869945"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05301946"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10075"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-310"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.