oss-sec mailing list archives

Re: CVE-2018-5407: new side-channel vulnerability on SMT/Hyper-Threading architectures


From: Marc Deslauriers <marc.deslauriers () canonical com>
Date: Fri, 9 Nov 2018 08:03:46 -0500

Hi,

On 2018-11-07 2:42 a.m., Billy Brumley wrote:
> For the 1.1.0 branch, at
>
> https://github.com/openssl/openssl/commits/OpenSSL_1_1_0-stable/crypto/ec/ec_mult.c
>
> everything starting from aab7c770353b1dc4ba045938c8fb446dd1c4531e
>
> This was not very responsible of me, since the changes are across
> several files. I reckon the best source is checking the diff between
> 1.1.0h and 1.1.0i releases.
>
> If you are a package maintainer, and are putting together a patch set
> for this, please reach out to me. My team can help test.

<snip>

Could you please confirm the following commits are sufficient to fix CVE-2018-5407?


Elliptic curve scalar multiplication with timing attack defenses (CVE-2018-5407)
https://git.openssl.org/?p=openssl.git;a=commit;h=aab7c770353b1dc4ba045938c8fb446dd1c4531e

Address code style comments
https://git.openssl.org/?p=openssl.git;a=commit;h=f06437c751d6f6ec7f4176518e2897f44dd58eb0

ladder description: why it works
https://git.openssl.org/?p=openssl.git;a=commit;h=33588c930d39d67d1128794dc7c85bae71af24ad

Pass through
https://git.openssl.org/?p=openssl.git;a=commit;h=f916a735bcdce496cebc7653a8ad2e72b333405a

Move up check for EC_R_INCOMPATIBLE_OBJECTS and for the point at infinity case
https://git.openssl.org/?p=openssl.git;a=commit;h=b43ad53119c0ac2ecfa6e4356210ccda57e0d16b

Remove superfluous NULL checks. Add Andy's BN_FLG comment.
https://git.openssl.org/?p=openssl.git;a=commit;h=2172133d0dc58256bf776da074c0d1944fef15cb


Thanks!

Marc.

-- 
Marc Deslauriers
Ubuntu Security Engineer     | http://www.ubuntu.com/
Canonical Ltd.               | http://www.canonical.com/

