CVE-2014-0076

Priority
Description
The Montgomery ladder implementation in OpenSSL through 1.0.0l does not
ensure that certain swap operations have a constant-time behavior, which
makes it easier for local users to obtain ECDSA nonces via a FLUSH+RELOAD
cache side-channel attack.
Assigned-to
mdeslaur
Notes
Package
Upstream:needs-triage
More Information

Updated: 2020-03-18 22:14:29 UTC (commit 2ea7df7bd1e69e1e489978d2724a936eb3faa1b8)