CVE-2015-5738
Published: 26 July 2016
The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS), makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack.
Notes
Author | Note |
---|---|
mdeslaur | openssl upstream isn't affected |
Priority
CVSS 3 base score: 7.5
Status
Package | Release | Status |
---|---|---|
openssl Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
precise |
Not vulnerable
|
|
trusty |
Not vulnerable
|
|
vivid |
Not vulnerable
|
|
openssl098 Launchpad, Ubuntu, Debian |
upstream |
Needs triage
|
precise |
Not vulnerable
|
|
trusty |
Does not exist
(trusty was not-affected)
|
|
vivid |
Not vulnerable
|