CVE-2014-0076

Published: 25 March 2014

The Montgomery ladder implementation in OpenSSL through 1.0.0l does not ensure that certain swap operations have a constant-time behavior, which makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD cache side-channel attack.
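
The class of flaw described above, as an added illustration in C (not OpenSSL's code and not part of the original advisory): a conditional swap that branches on a secret bit beside one that uses a mask. The toy modular-exponentiation ladder stands in for the elliptic-curve ladder, and all function names are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>

/* Branching swap: whether the swap code executes depends on the secret bit. */
void swap_branchy(uint64_t *a, uint64_t *b, size_t n, unsigned bit)
{
    if (bit) {
        for (size_t i = 0; i < n; i++) {
            uint64_t t = a[i];
            a[i] = b[i];
            b[i] = t;
        }
    }
}

/* Masked swap: no branch and no memory address depends on the secret bit. */
void swap_ct(uint64_t *a, uint64_t *b, size_t n, unsigned bit)
{
    uint64_t mask = (uint64_t)0 - (uint64_t)(bit & 1u); /* 0 or all ones */
    for (size_t i = 0; i < n; i++) {
        uint64_t t = (a[i] ^ b[i]) & mask;
        a[i] ^= t;
        b[i] ^= t;
    }
}

typedef void (*swap_fn)(uint64_t *, uint64_t *, size_t, unsigned);

/* Toy Montgomery ladder: g^k mod p for p < 2^32, always 32 iterations.
 * Each iteration swaps the two registers on the current bit of k.
 * Only the swap is the point here; the % arithmetic is not hardened. */
static uint64_t ladder_pow(uint64_t g, uint32_t k, uint64_t p, swap_fn cswap)
{
    uint64_t r0 = 1 % p, r1 = g % p;
    for (int i = 31; i >= 0; i--) {
        unsigned bit = (k >> i) & 1u;
        cswap(&r0, &r1, 1, bit);
        r1 = (r0 * r1) % p;
        r0 = (r0 * r0) % p;
        cswap(&r0, &r1, 1, bit);
    }
    return r0;
}

uint64_t ladder_pow_branchy(uint64_t g, uint32_t k, uint64_t p)
{ return ladder_pow(g, k, p, swap_branchy); }
uint64_t ladder_pow_ct(uint64_t g, uint32_t k, uint64_t p)
{ return ladder_pow(g, k, p, swap_ct); }
```

Both variants return the same result; they differ only in whether the executed code path reveals each scalar bit.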

Priority

Medium

Status

Package: openssl
Release   Status
lucid     Not vulnerable (code not present)
precise   Released (1.0.1-4ubuntu5.12)
quantal   Released (1.0.1c-3ubuntu2.7)
saucy     Released (1.0.1e-3ubuntu1.2)
upstream  Needs triage

Patches:
upstream: http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=4b7a4ba29cafa432fc4266fe6e59e60bc1c96332
upstream: http://git.openssl.org/gitweb/?p=openssl.git;a=commit;h=40acdb192e035f463d3c39c23fd8a68cf54df378

Package: openssl098
Release   Status
lucid     Does not exist
precise   Not vulnerable (code not present)
quantal   Not vulnerable (code not present)
saucy     Not vulnerable (code not present)
upstream  Needs triage