Vulnerability Name:

CVE-2018-0495

Assigned:2017-11-27
Published:2018-06-13
Updated:2018-08-10
Summary:Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
CVSS v3 Severity:4.7 Medium (CVSS v3 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N)
4.1 Medium (Temporal CVSS v3 Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): Low
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
5.1 Medium (CCN CVSS v3 Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
4.5 Medium (CCN Temporal CVSS v3 Vector: CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)
Exploitability Metrics:Attack Vector (AV): Local
Attack Complexity (AC): High
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): High
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:1.9 Low (CVSS v2 Vector: AV:L/AC:M/Au:N/C:P/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): Medium
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
4.0 Medium (CCN CVSS v2 Vector: AV:L/AC:H/Au:N/C:C/I:N/A:N)
Exploitability Metrics:Access Vector (AV): Local
Access Complexity (AC): High
Athentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-200
References:Source: SECTRACK
Type: VENDOR_ADVISORY
1041144

Source: SECTRACK
Type: VENDOR_ADVISORY
1041147

Source: MISC
Type: VENDOR_ADVISORY
https://dev.gnupg.org/T4011

Source: XF
Type: UNKNOWN
gnupg-cve20180495-info-disc(144828)

Source: MISC
Type: VENDOR_ADVISORY
https://git.gnupg.org/cgi-bin/gitweb.cgi?p=libgcrypt.git;a=commit;h=9010d1576e278a4274ad3f4aa15776c28f6ba965

Source: MLIST
Type: VENDOR_ADVISORY
[debian-lts-announce] 20180629 [SECURITY] [DLA 1405-1] libgcrypt20 security update

Source: MISC
Type: VENDOR_ADVISORY
https://lists.gnupg.org/pipermail/gnupg-announce/2018q2/000426.html

Source: UBUNTU
Type: VENDOR_ADVISORY
USN-3689-1

Source: UBUNTU
Type: VENDOR_ADVISORY
USN-3689-2

Source: UBUNTU
Type: VENDOR_ADVISORY
USN-3692-1

Source: UBUNTU
Type: VENDOR_ADVISORY
USN-3692-2

Source: DEBIAN
Type: VENDOR_ADVISORY
DSA-4231

Source: MISC
Type: VENDOR_ADVISORY
https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/

Vulnerable Configuration:Configuration 1:
  • cpe:/a:gnupg:libgcrypt:0.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.2.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.2.8:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.2.10:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.2.15:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.2.17:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.2.18:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.2.19:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.3.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.3.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.3.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.9.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.9.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.9.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.9.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.9.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.9.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.9.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.9.7:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.9.8:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.9.9:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.9.10:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:0.9.11:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.0.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.8:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.10:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.11:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.12:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.42:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.43:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.44:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.90:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.91:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.92:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.93:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.1.94:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.2.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.2.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.2.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.2.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.2.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.3.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.3.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.3.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.4.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.4.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.4.1:rc1:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.4.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.4.2:rc1:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.4.2:rc2:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.4.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.4.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.4.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.4.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.5.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.5.0:beta1:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.5.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.5.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.5.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.5.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.5.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.5.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.6.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.6.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.6.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.6.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.6.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.6.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.6.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.7.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.7.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.7.2:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.7.3:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.7.4:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.7.5:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.7.6:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.7.7:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.7.8:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.7.9:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.8.0:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.8.1:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.8.2:*:*:*:*:*:*:*

  • Configuration 2:
  • cpe:/o:canonical:ubuntu_linux:12.04::~~esm~~~:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
  • OR cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:8.0:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:gnupg:libgcrypt:1.7.9:*:*:*:*:*:*:*
  • OR cpe:/a:gnupg:libgcrypt:1.8.2:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    Oval Definitions
    Definition IDClassTitleLast Modified
    oval:org.opensuse.security:def:20180495
    V
    CVE-2018-0495
    2018-09-23
    oval:com.ubuntu.artful:def:20180495000
    V
    CVE-2018-0495 on Ubuntu 17.10 (artful) - low.
    2018-06-13
    oval:com.ubuntu.bionic:def:20180495000
    V
    CVE-2018-0495 on Ubuntu 18.04 LTS (bionic) - low.
    2018-06-13
    oval:com.ubuntu.trusty:def:20180495000
    V
    CVE-2018-0495 on Ubuntu 14.04 LTS (trusty) - low.
    2018-06-13
    oval:com.ubuntu.xenial:def:20180495000
    V
    CVE-2018-0495 on Ubuntu 16.04 LTS (xenial) - low.
    2018-06-13
    BACK
    gnupg libgcrypt 0.1.0
    gnupg libgcrypt 0.2.0
    gnupg libgcrypt 0.2.6
    gnupg libgcrypt 0.2.8
    gnupg libgcrypt 0.2.10
    gnupg libgcrypt 0.2.15
    gnupg libgcrypt 0.2.17
    gnupg libgcrypt 0.2.18
    gnupg libgcrypt 0.2.19
    gnupg libgcrypt 0.3.0
    gnupg libgcrypt 0.3.1
    gnupg libgcrypt 0.3.2
    gnupg libgcrypt 0.3.3
    gnupg libgcrypt 0.3.4
    gnupg libgcrypt 0.3.5
    gnupg libgcrypt 0.4.0
    gnupg libgcrypt 0.4.1
    gnupg libgcrypt 0.4.2
    gnupg libgcrypt 0.4.3
    gnupg libgcrypt 0.4.4
    gnupg libgcrypt 0.4.5
    gnupg libgcrypt 0.9.0
    gnupg libgcrypt 0.9.1
    gnupg libgcrypt 0.9.2
    gnupg libgcrypt 0.9.3
    gnupg libgcrypt 0.9.4
    gnupg libgcrypt 0.9.5
    gnupg libgcrypt 0.9.6
    gnupg libgcrypt 0.9.7
    gnupg libgcrypt 0.9.8
    gnupg libgcrypt 0.9.9
    gnupg libgcrypt 0.9.10
    gnupg libgcrypt 0.9.11
    gnupg libgcrypt 1.0.0
    gnupg libgcrypt 1.0.1
    gnupg libgcrypt 1.0.2
    gnupg libgcrypt 1.0.3
    gnupg libgcrypt 1.0.4
    gnupg libgcrypt 1.1.0
    gnupg libgcrypt 1.1.2
    gnupg libgcrypt 1.1.3
    gnupg libgcrypt 1.1.4
    gnupg libgcrypt 1.1.5
    gnupg libgcrypt 1.1.6
    gnupg libgcrypt 1.1.7
    gnupg libgcrypt 1.1.8
    gnupg libgcrypt 1.1.9
    gnupg libgcrypt 1.1.10
    gnupg libgcrypt 1.1.11
    gnupg libgcrypt 1.1.12
    gnupg libgcrypt 1.1.42
    gnupg libgcrypt 1.1.43
    gnupg libgcrypt 1.1.44
    gnupg libgcrypt 1.1.90
    gnupg libgcrypt 1.1.91
    gnupg libgcrypt 1.1.92
    gnupg libgcrypt 1.1.93
    gnupg libgcrypt 1.1.94
    gnupg libgcrypt 1.2.0
    gnupg libgcrypt 1.2.1
    gnupg libgcrypt 1.2.2
    gnupg libgcrypt 1.2.3
    gnupg libgcrypt 1.2.4
    gnupg libgcrypt 1.3.0
    gnupg libgcrypt 1.3.1
    gnupg libgcrypt 1.3.2
    gnupg libgcrypt 1.4.0
    gnupg libgcrypt 1.4.1
    gnupg libgcrypt 1.4.1 rc1
    gnupg libgcrypt 1.4.2
    gnupg libgcrypt 1.4.2 rc1
    gnupg libgcrypt 1.4.2 rc2
    gnupg libgcrypt 1.4.3
    gnupg libgcrypt 1.4.4
    gnupg libgcrypt 1.4.5
    gnupg libgcrypt 1.4.6
    gnupg libgcrypt 1.5.0
    gnupg libgcrypt 1.5.0 beta1
    gnupg libgcrypt 1.5.1
    gnupg libgcrypt 1.5.2
    gnupg libgcrypt 1.5.3
    gnupg libgcrypt 1.5.4
    gnupg libgcrypt 1.5.5
    gnupg libgcrypt 1.5.6
    gnupg libgcrypt 1.6.0
    gnupg libgcrypt 1.6.1
    gnupg libgcrypt 1.6.2
    gnupg libgcrypt 1.6.3
    gnupg libgcrypt 1.6.4
    gnupg libgcrypt 1.6.5
    gnupg libgcrypt 1.6.6
    gnupg libgcrypt 1.7.0
    gnupg libgcrypt 1.7.1
    gnupg libgcrypt 1.7.2
    gnupg libgcrypt 1.7.3
    gnupg libgcrypt 1.7.4
    gnupg libgcrypt 1.7.5
    gnupg libgcrypt 1.7.6
    gnupg libgcrypt 1.7.7
    gnupg libgcrypt 1.7.8
    gnupg libgcrypt 1.7.9
    gnupg libgcrypt 1.8.0
    gnupg libgcrypt 1.8.1
    gnupg libgcrypt 1.8.2
    canonical ubuntu linux 12.04
    canonical ubuntu linux 14.04
    canonical ubuntu linux 16.04
    canonical ubuntu linux 17.10
    canonical ubuntu linux 18.04
    debian debian linux 8.0
    debian debian linux 9.0
    gnupg libgcrypt 1.7.9
    gnupg libgcrypt 1.8.2