CVE-2016-7056

A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys.

Published : 2018-09-10 16:29 Updated : 2019-10-09 23:19

2.1

CVSS Score More info

Score 2.1 / 10

Access vector LOCAL

A vulnerability exploitable with only local access requires the attacker to have either physical access to the vulnerable system or a local (shell) account. Examples of locally exploitable vulnerabilities are peripheral attacks such as Firewire/USB DMA attacks, and local privilege escalations (e.g., sudo).

Access complexity LOW

Specialized access conditions or extenuating circumstances do not exist. The following are examples:

The affected product typically requires access to a wide range of systems and users, possibly anonymous and untrusted (e.g., Internet-facing web or mail server).
The affected configuration is default or ubiquitous.
The attack can be performed manually and requires little skill or additional information gathering.
The race condition is a lazy one (i.e., it is technically a race but easily winnable).

Authentication NONE

Authentication is not required to exploit the vulnerability.

Confidentiality impact PARTIAL

There is considerable informational disclosure. Access to some system files is possible, but the attacker does not have control over what is obtained, or the scope of the loss is constrained. An example is a vulnerability that divulges only certain tables in a database.

Integrity impact NONE

There is no impact to the integrity of the system.

Availability impact NONE

There is no impact to the availability of the system.

CPE (7)
Tree view

Vendor	Product	Version	URI
Openssl	Openssl	1.0.1u	cpe:/a:openssl:openssl:1.0.1u
Canonical	Ubuntu Linux	12.04	cpe:/o:canonical:ubuntu_linux:12.04::~~esm~~~
Canonical	Ubuntu Linux	14.04	cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~
Debian	Debian Linux	8.0	cpe:/o:debian:debian_linux:8.0
Debian	Debian Linux	9.0	cpe:/o:debian:debian_linux:9.0
Redhat	Enterprise Linux	7.0	cpe:/o:redhat:enterprise_linux:7.0
Redhat	Enterprise Linux	6.0	cpe:/o:redhat:enterprise_linux:6.0

Canonical (1) Search CVE
1. Ubuntu Linux (2) Search CVE
  1. 12.04
  2. 14.04
Openssl (1) Search CVE
1. Openssl (1) Search CVE
  1. 1.0.1u
Redhat (1) Search CVE
1. Enterprise Linux (2) Search CVE
  1. 7.0
  2. 6.0
Debian (1) Search CVE
1. Debian Linux (2) Search CVE
  1. 8.0
  2. 9.0

CWE

ID	Name	Description	Links
CWE-320	Key Management Errors	Weaknesses in this category are related to errors in the management of cryptographic keys.		CVE

References

Source	Link
MISC	https://eprint.iacr.org/2016/1195
CONFIRM	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7056
REDHAT	https://access.redhat.com/errata/RHSA-2017:1414
REDHAT	https://access.redhat.com/errata/RHSA-2017:1413
REDHAT	https://access.redhat.com/errata/RHSA-2017:1802
CONFIRM	https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/033_libcrypto.patch.sig
BID	http://www.securityfocus.com/bid/95375
DEBIAN	https://www.debian.org/security/2017/dsa-3773
CONFIRM	https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7056.html
CONFIRM	https://security-tracker.debian.org/tracker/CVE-2016-7056
MLIST	https://seclists.org/oss-sec/2017/q1/52
SECTRACK	http://www.securitytracker.com/id/1037575
CONFIRM	https://git.openssl.org/?p=openssl.git;a=commit;h=8aed2a7548362e88e84a7feb795a3a97e8395008
REDHAT	https://access.redhat.com/errata/RHSA-2017:1801
CONFIRM	https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/016_libcrypto.patch.sig
REDHAT	http://rhn.redhat.com/errata/RHSA-2017-1415.html

History of changes

Date

Event

2019-04-22 17:48

CPEs changed

1 added

cpe:/o:redhat:enterprise_linux:6.0 (Redhat / Enterprise Linux)

1 removed

cpe:/o:redhat:enterprise_linux:6 (Redhat / Enterprise Linux)

2019-01-17 18:48

CVSS changed

New score : 2.1
No old score

CWEs changed

Added : CWE-320

References changed

16 changed

https://access.redhat.com/errata/RHSA-2017:1414	UNKNOWN->VENDOR_ADVISORY
https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/033_libcrypto.patch.sig	UNKNOWN->VENDOR_ADVISORY
https://eprint.iacr.org/2016/1195	UNKNOWN->VENDOR_ADVISORY
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2016-7056	UNKNOWN->VENDOR_ADVISORY
https://access.redhat.com/errata/RHSA-2017:1413	UNKNOWN->VENDOR_ADVISORY
https://access.redhat.com/errata/RHSA-2017:1802	UNKNOWN->VENDOR_ADVISORY
http://www.securityfocus.com/bid/95375	UNKNOWN->VENDOR_ADVISORY
https://www.debian.org/security/2017/dsa-3773	UNKNOWN->VENDOR_ADVISORY
https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7056.html	UNKNOWN->VENDOR_ADVISORY
https://security-tracker.debian.org/tracker/CVE-2016-7056	UNKNOWN->VENDOR_ADVISORY
https://seclists.org/oss-sec/2017/q1/52	UNKNOWN->VENDOR_ADVISORY
http://www.securitytracker.com/id/1037575	UNKNOWN->VENDOR_ADVISORY
https://git.openssl.org/?p=openssl.git;a=commit;h=8aed2a7548362e88e84a7feb795a3a97e8395008	UNKNOWN->VENDOR_ADVISORY
https://access.redhat.com/errata/RHSA-2017:1801	UNKNOWN->VENDOR_ADVISORY
https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/016_libcrypto.patch.sig	UNKNOWN->VENDOR_ADVISORY
http://rhn.redhat.com/errata/RHSA-2017-1415.html	UNKNOWN->VENDOR_ADVISORY

CPEs changed

7 added

cpe:/a:openssl:openssl:1.0.1u (Openssl / Openssl)
cpe:/o:canonical:ubuntu_linux:12.04::~~esm~~~ (Canonical / Ubuntu Linux)
cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~ (Canonical / Ubuntu Linux)
cpe:/o:debian:debian_linux:8.0 (Debian / Debian Linux)
cpe:/o:debian:debian_linux:9.0 (Debian / Debian Linux)
cpe:/o:redhat:enterprise_linux:6 (Redhat / Enterprise Linux)
cpe:/o:redhat:enterprise_linux:7.0 (Redhat / Enterprise Linux)

2018-09-11 21:29

References changed

4 added

CONFIRM	https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-7056.html
CONFIRM	https://security-tracker.debian.org/tracker/CVE-2016-7056
CONFIRM	https://ftp.openbsd.org/pub/OpenBSD/patches/5.9/common/033_libcrypto.patch.sig
CONFIRM	https://ftp.openbsd.org/pub/OpenBSD/patches/6.0/common/016_libcrypto.patch.sig

2018-09-11 10:29

References changed

8 added

DEBIAN	https://www.debian.org/security/2017/dsa-3773
REDHAT	https://access.redhat.com/errata/RHSA-2017:1413
REDHAT	https://access.redhat.com/errata/RHSA-2017:1414
BID	http://www.securityfocus.com/bid/95375
REDHAT	http://rhn.redhat.com/errata/RHSA-2017-1415.html
REDHAT	https://access.redhat.com/errata/RHSA-2017:1802
SECTRACK	http://www.securitytracker.com/id/1037575
REDHAT	https://access.redhat.com/errata/RHSA-2017:1801

2018-09-10 16:29

CVE-2016-7056

Score 2.1 / 10

CWE

References

History of changes

New CVE