CVE-2016-0702

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-0702
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-0702.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-0702
Downstream
Related
Published
2016-03-03T20:59:00.080Z
Modified
2026-03-15T22:02:41.585354Z
Severity
  • 5.1 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

The MODEXPCTIMECOPYFROMPREBUF function in crypto/bn/bnexp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a "CacheBleed" attack.

References

Affected packages

Git / github.com/nodejs/node

Affected ranges

Type
GIT
Repo
https://github.com/nodejs/node
Events
Introduced
f9f837885343a2a3f5ba2b8c510eaac395c8c865
Last affected
85df6ada477715020dbd22e2fb5e687d84d663ff
Introduced
6dc12b1042d5d4727f77e8a1c5758dab91400069
Fixed
c23f6087966be0b8944b71bc238d383080f87573
Introduced
384e6c2dfe968002800bc3d3224a57aa19ffdfee
Fixed
805f054cc7791c447dbb960fbf3b179ea05294ac
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
362fe010fe8f6feb0030e1e02c689b501e11ddb7
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
0d8021e5a4cf0a6aa3a700a361f6d42c2894f2ba
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
7a4f260c5df43caa2f522e739b7cc3e7595d7e09
Database specific 
{
    "versions": [
        {
            "introduced": "4.0.0"
        },
        {
            "last_affected": "4.1.2"
        },
        {
            "introduced": "4.2.0"
        },
        {
            "fixed": "4.3.2"
        },
        {
            "introduced": "5.0.0"
        },
        {
            "fixed": "5.7.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "7.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "8.0"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "15.10"
        }
    ]
}
Type
GIT
Repo
https://github.com/openssl/openssl
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
ab585551c0a577d9a91825d446465905a5ea17e3
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e2dfb655f798831ffb29242ad804013ddb0c5d5b
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
08e4c7a967cc9d82264d125440d8b17b912bd250
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
888759a1d38197f29de7227876c3b58fbff8549f
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
94f416601754dbe65e287f8e1eca01fa32f74a7a
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2f63ad1c6daa61614f3d58de0889bf68e9f75853
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
2c5db8dac3a06fe5b2c889838a606138ee3542ed
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
e818b74be2170fbe957a07b0da4401c2b694b3b8
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1-beta1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1-beta2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1-beta3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1a"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1b"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1c"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1d"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1e"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1f"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1g"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1h"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1i"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1j"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1k"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1l"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1m"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1n"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1o"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1p"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1q"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.1r"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2-beta1"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2-beta2"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2-beta3"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2a"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2b"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2c"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2d"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2e"
        },
        {
            "introduced": "0"
        },
        {
            "last_affected": "1.0.2f"
        }
    ]
}

Affected versions

Other
BEFORE_engine
OpenSSL_0_9_1c
OpenSSL_0_9_2b
OpenSSL_0_9_3
OpenSSL_0_9_3a
OpenSSL_0_9_3beta2
OpenSSL_0_9_4
OpenSSL_0_9_5a
OpenSSL_0_9_5a-beta1
OpenSSL_0_9_5a-beta2
OpenSSL_0_9_5beta1
OpenSSL_0_9_5beta2
OpenSSL_0_9_6-beta3
OpenSSL_1_0_0
OpenSSL_1_0_0-beta1
OpenSSL_1_0_0-beta2
OpenSSL_1_0_0-beta3
OpenSSL_1_0_0-beta4
OpenSSL_1_0_0-beta5
OpenSSL_1_0_0a
OpenSSL_1_0_1
OpenSSL_1_0_1-beta1
OpenSSL_1_0_1-beta2
OpenSSL_1_0_1-beta3
OpenSSL_1_0_1-post-auto-reformat
OpenSSL_1_0_1-post-reformat
OpenSSL_1_0_1-pre-auto-reformat
OpenSSL_1_0_1-pre-reformat
OpenSSL_1_0_1a
OpenSSL_1_0_1b
OpenSSL_1_0_1c
OpenSSL_1_0_1d
OpenSSL_1_0_1e
OpenSSL_1_0_1f
OpenSSL_1_0_1g
OpenSSL_1_0_1h
OpenSSL_1_0_1i
OpenSSL_1_0_1j
OpenSSL_1_0_1k
OpenSSL_1_0_1l
OpenSSL_1_0_1m
OpenSSL_1_0_1n
OpenSSL_1_0_1o
OpenSSL_1_0_1p
OpenSSL_1_0_1q
OpenSSL_1_0_1r
OpenSSL_1_0_1s
OpenSSL_1_0_1t
OpenSSL_1_0_1u
v4.*
v4.0.0
v4.1.0
v4.1.1
v4.1.2
v4.2.0
v4.2.1
v4.2.2
v4.2.3
v4.2.4
v4.2.5
v4.2.6
v4.3.0
v4.3.1

Database specific

unresolved_ranges 
[
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "12.04"
            }
        ]
    },
    {
        "events": [
            {
                "introduced": "0"
            },
            {
                "last_affected": "14.04"
            }
        ]
    }
]
source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-0702.json"