A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE. For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.
{ "binaries": [ { "binary_name": "libssl-dev", "binary_version": "1.0.2g-1ubuntu4.fips.4.20.12" }, { "binary_name": "libssl1.0.0", "binary_version": "1.0.2g-1ubuntu4.fips.4.20.12" }, { "binary_name": "libssl1.0.0-hmac", "binary_version": "1.0.2g-1ubuntu4.fips.4.20.12" }, { "binary_name": "openssl", "binary_version": "1.0.2g-1ubuntu4.fips.4.20.12" } ] }
{ "binaries": [ { "binary_name": "libssl-dev", "binary_version": "1.0.2g-1ubuntu4.fips.4.6.3" }, { "binary_name": "libssl1.0.0", "binary_version": "1.0.2g-1ubuntu4.fips.4.6.3" }, { "binary_name": "libssl1.0.0-hmac", "binary_version": "1.0.2g-1ubuntu4.fips.4.6.3" }, { "binary_name": "openssl", "binary_version": "1.0.2g-1ubuntu4.fips.4.6.3" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libssl-dev", "binary_version": "1.1.1-1ubuntu2.1~18.04.21" }, { "binary_name": "libssl1.1", "binary_version": "1.1.1-1ubuntu2.1~18.04.21" }, { "binary_name": "openssl", "binary_version": "1.1.1-1ubuntu2.1~18.04.21" } ] }
{ "binaries": [ { "binary_name": "ovmf", "binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2" }, { "binary_name": "qemu-efi", "binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2" }, { "binary_name": "qemu-efi-aarch64", "binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2" }, { "binary_name": "qemu-efi-arm", "binary_version": "0~20180205.c0d9813c-2ubuntu0.3+esm2" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_name": "libssl-dev", "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.21" }, { "binary_name": "libssl1.1", "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.21" }, { "binary_name": "libssl1.1-hmac", "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.21" }, { "binary_name": "openssl", "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.21" } ] }
{ "binaries": [ { "binary_name": "libssl-dev", "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2" }, { "binary_name": "libssl1.1", "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2" }, { "binary_name": "libssl1.1-hmac", "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2" }, { "binary_name": "openssl", "binary_version": "1.1.1-1ubuntu2.fips.2.1~18.04.15.2" } ] }
{ "binaries": [ { "binary_name": "ovmf", "binary_version": "0~20191122.bd85bf54-2ubuntu3.6" }, { "binary_name": "qemu-efi", "binary_version": "0~20191122.bd85bf54-2ubuntu3.6" }, { "binary_name": "qemu-efi-aarch64", "binary_version": "0~20191122.bd85bf54-2ubuntu3.6" }, { "binary_name": "qemu-efi-arm", "binary_version": "0~20191122.bd85bf54-2ubuntu3.6" } ] }
{ "availability": "Available with Ubuntu Pro: https://ubuntu.com/pro", "binaries": [ { "binary_name": "libssl-dev", "binary_version": "1.1.1f-1ubuntu2.fips.17" }, { "binary_name": "libssl1.1", "binary_version": "1.1.1f-1ubuntu2.fips.17" }, { "binary_name": "libssl1.1-hmac", "binary_version": "1.1.1f-1ubuntu2.fips.17" }, { "binary_name": "openssl", "binary_version": "1.1.1f-1ubuntu2.fips.17" } ] }
{ "binaries": [ { "binary_name": "libssl-dev", "binary_version": "1.1.1f-1ubuntu2.fips.7.1" }, { "binary_name": "libssl1.1", "binary_version": "1.1.1f-1ubuntu2.fips.7.1" }, { "binary_name": "libssl1.1-hmac", "binary_version": "1.1.1f-1ubuntu2.fips.7.1" }, { "binary_name": "openssl", "binary_version": "1.1.1f-1ubuntu2.fips.7.1" } ] }
{ "binaries": [ { "binary_name": "ovmf", "binary_version": "2022.02-3ubuntu0.22.04.3" }, { "binary_name": "ovmf-ia32", "binary_version": "2022.02-3ubuntu0.22.04.3" }, { "binary_name": "qemu-efi", "binary_version": "2022.02-3ubuntu0.22.04.3" }, { "binary_name": "qemu-efi-aarch64", "binary_version": "2022.02-3ubuntu0.22.04.3" }, { "binary_name": "qemu-efi-arm", "binary_version": "2022.02-3ubuntu0.22.04.3" } ] }
{ "availability": "No subscription required", "binaries": [ { "binary_name": "libnode-dev", "binary_version": "12.22.9~dfsg-1ubuntu3.3" }, { "binary_name": "libnode72", "binary_version": "12.22.9~dfsg-1ubuntu3.3" }, { "binary_name": "nodejs", "binary_version": "12.22.9~dfsg-1ubuntu3.3" } ] }