OpenSSL CVE-2018-5407 Side Channel Attack Information Disclosure Vulnerability

OpenSSL is prone to a local information-disclosure vulnerability.

Local attackers can exploit this issue to obtain sensitive information. This may aid in further attacks.

Information

Bugtraq ID: 105897
Class: Design Error
CVE: CVE-2018-5407

Remote: No
Local: Yes
Published: Oct 30 2018 12:00AM
Updated: Oct 30 2018 12:00AM
Credit: Billy Bob Brumley, Cesar Pereida Garcia, Sohaib ul Hassan, Nicola Tuveri (Tampere University of Technology; Finland), and Alejandro Cabrera Aldaya (Universidad Tecnologica de la Habana CUJAE; Cuba)
Vulnerable: Redhat Enterprise Linux 7
Redhat Enterprise Linux 6
+ Trustix Secure Enterprise Linux 2.0
+ Trustix Secure Linux 2.2
+ Trustix Secure Linux 2.1
+ Trustix Secure Linux 2.0
Redhat Enterprise Linux 5
OpenSSL Project OpenSSL 1.1.0h
OpenSSL Project OpenSSL 1.1.0g
OpenSSL Project OpenSSL 1.1.0f
OpenSSL Project OpenSSL 1.1.0e
OpenSSL Project OpenSSL 1.1.0d
OpenSSL Project OpenSSL 1.1.0c
OpenSSL Project OpenSSL 1.1.0b
OpenSSL Project OpenSSL 1.1.0a

Not Vulnerable: OpenSSL Project OpenSSL 1.1.1
OpenSSL Project OpenSSL 1.1.0i

Exploit

The researcher has created a proof-of-concept to demonstrate the issue. Please see the references for more information.

References:

• bbbrumley/portsmash (github.com)
  
• OpenSSL Homepage (OpenSSL)
  
• Bug 1645695 - (CVE-2018-5407) CVE-2018-5407 openssl: Intel processor side-chann (Redhat)
  
• CVE-2018-5407 (Redhat)
  
• OpenSSL Security Advisory [12 November 2018] (OpenSSL)
  

Source: www.securityfocus.com