Oval Definition:oval:org.opensuse.security:def:201812434
Revision Date:2022-09-02Version:1
Title:CVE-2018-12434
Description:

LibreSSL before 2.6.5 and 2.7.x before 2.7.4 allows a memory-cache side-channel attack on DSA and ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover a key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2018-12434
Mitre CVE-2018-12434
SUSE CVE-2018-12434
openSUSE-SU-2018:2592-1
openSUSE-SU-2018:2597-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 42.3
openSUSE Tumbleweed
SUSE CaaS Platform 4.0
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Server for SAP Applications 15 SP1
SUSE Manager Proxy 4.0
SUSE Manager Retail Branch Server 4.0
SUSE Manager Server 4.0
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud 9
SUSE OpenStack Cloud Crowbar 8
SUSE OpenStack Cloud Crowbar 9
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • libcrypto43-2.8.0-lp150.2.3 is installed
  • AND libcrypto43 is signed with openSUSE key
  • OR
  • libcrypto43-32bit-2.8.0-lp150.2.3 is installed
  • AND libcrypto43-32bit is signed with openSUSE key
  • OR
  • libressl-2.8.0-lp150.2.3 is installed
  • AND libressl is signed with openSUSE key
  • OR
  • libressl-devel-2.8.0-lp150.2.3 is installed
  • AND libressl-devel is signed with openSUSE key
  • OR
  • libressl-devel-32bit-2.8.0-lp150.2.3 is installed
  • AND libressl-devel-32bit is signed with openSUSE key
  • OR
  • libressl-devel-doc-2.8.0-lp150.2.3 is installed
  • AND libressl-devel-doc is signed with openSUSE key
  • OR
  • libssl45-2.8.0-lp150.2.3 is installed
  • AND libssl45 is signed with openSUSE key
  • OR
  • libssl45-32bit-2.8.0-lp150.2.3 is installed
  • AND libssl45-32bit is signed with openSUSE key
  • OR
  • libtls17-2.8.0-lp150.2.3 is installed
  • AND libtls17 is signed with openSUSE key
  • OR
  • libtls17-32bit-2.8.0-lp150.2.3 is installed
  • AND libtls17-32bit is signed with openSUSE key
    • Definition Synopsis
  • openSUSE Leap 42.3 is installed
  • AND Package Information
  • libcrypto43-2.8.0-11 is installed
  • AND libcrypto43 is signed with openSUSE key
  • OR
  • libcrypto43-32bit-2.8.0-11 is installed
  • AND libcrypto43-32bit is signed with openSUSE key
  • OR
  • libressl-2.8.0-11 is installed
  • AND libressl is signed with openSUSE key
  • OR
  • libressl-devel-2.8.0-11 is installed
  • AND libressl-devel is signed with openSUSE key
  • OR
  • libressl-devel-32bit-2.8.0-11 is installed
  • AND libressl-devel-32bit is signed with openSUSE key
  • OR
  • libressl-devel-doc-2.8.0-11 is installed
  • AND libressl-devel-doc is signed with openSUSE key
  • OR
  • libssl45-2.8.0-11 is installed
  • AND libssl45 is signed with openSUSE key
  • OR
  • libssl45-32bit-2.8.0-11 is installed
  • AND libssl45-32bit is signed with openSUSE key
  • OR
  • libtls17-2.8.0-11 is installed
  • AND libtls17 is signed with openSUSE key
  • OR
  • libtls17-32bit-2.8.0-11 is installed
  • AND libtls17-32bit is signed with openSUSE key
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 8 is installed
  • OR SUSE OpenStack Cloud Crowbar 8 is installed
  • AND libmspack0 is affected
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • libcrypto46-3.3.4-1.2 is installed
  • OR libcrypto46-32bit-3.3.4-1.2 is installed
  • OR libressl-3.3.4-1.2 is installed
  • OR libressl-devel-3.3.4-1.2 is installed
  • OR libressl-devel-32bit-3.3.4-1.2 is installed
  • OR libressl-devel-doc-3.3.4-1.2 is installed
  • OR libssl48-3.3.4-1.2 is installed
  • OR libssl48-32bit-3.3.4-1.2 is installed
  • OR libtls20-3.3.4-1.2 is installed
  • OR libtls20-32bit-3.3.4-1.2 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND libmspack is affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND libmspack0 is affected
    • Definition Synopsis
  • Release Information
  • SUSE CaaS Platform 4.0 is installed
  • OR SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND Package Information
  • libmspack-devel is affected
  • OR libmspack0 is affected
    • Definition Synopsis
  • Release Information
  • SUSE OpenStack Cloud 9 is installed
  • OR SUSE OpenStack Cloud Crowbar 9 is installed
  • AND libmspack0 is affected
    • Definition Synopsis
  • Release Information
  • SUSE Manager Proxy 4.0 is installed
  • OR SUSE Manager Retail Branch Server 4.0 is installed
  • OR SUSE Manager Server 4.0 is installed
  • AND libmspack is affected
  • OR Package Information
  • SUSE Linux Enterprise Server for SAP Applications 15 SP1 is installed
  • AND
  • libmspack-devel is affected
  • OR libmspack0 is affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5 is installed
  • AND libmspack is affected
    • Definition Synopsis
  • SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed
  • AND libmspack0 is affected
    • BACK