[Pkg-openssl-devel] Bug#1094027: openssl: CVE-2024-13176: Timing side-channel in ECDSA signature computation
Salvatore Bonaccorso
carnil at debian.org
Fri Jan 24 19:35:30 GMT 2025
Source: openssl
Version: 3.4.0-2
Severity: important
Tags: security upstream
X-Debbugs-Cc: carnil at debian.org, Debian Security Team <team at security.debian.org>
Control: found -1 3.0.15-1~deb12u1
Hi,
The following vulnerability was published for openssl.
CVE-2024-13176[0]:
| Issue summary: A timing side-channel which could potentially allow
| recovering the private key exists in the ECDSA signature
| computation. Impact summary: A timing side-channel in ECDSA
| signature computations could allow recovering the private key by an
| attacker. However, measuring the timing would require either local
| access to the signing application or a very fast network connection
| with low latency. There is a timing signal of around 300
| nanoseconds when the top word of the inverted ECDSA nonce value is
| zero. This can happen with significant probability only for some of
| the supported elliptic curves. In particular the NIST P-521 curve is
| affected. To be able to measure this leak, the attacker process must
| either be located in the same physical computer or must have a very
| fast network connection with low latency. For that reason the
| severity of this vulnerability is Low.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2024-13176
https://www.cve.org/CVERecord?id=CVE-2024-13176
[1] https://openssl-library.org/news/secadv/20250120.txt
Regards,
Salvatore
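Added illustration (not part of the bug report, the advisory, or OpenSSL's code): the advisory's remark that a zero top word of the inverted nonce is likely only on some curves follows from how the group order fills machine words. The sketch assumes 64-bit words and the NIST group orders from FIPS 186-4, and its seeded PRNG is for simulation only.

```python
import random
from fractions import Fraction
from math import log2

# Group orders n of the NIST curves (FIPS 186-4); constants supplied by this example.
ORDERS = {
    "P-256": 0xFFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551,
    "P-384": (int("F" * 48, 16) << 192)
             | 0xC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973,
    "P-521": (0x1FF << 512) | (int("F" * 63 + "A", 16) << 256)
             | 0x51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409,
}

def limbs(n, word_bits=64):
    """Number of machine words needed to hold values below n (64-bit assumed)."""
    return -(-n.bit_length() // word_bits)

def p_top_word_zero(n, word_bits=64):
    """Exact probability that a uniform value in [1, n-1] has a zero top word.

    Inversion modulo a prime n permutes [1, n-1], so the inverted nonce
    has the same distribution as the nonce itself.
    """
    threshold = 1 << (word_bits * (limbs(n, word_bits) - 1))
    return Fraction(threshold - 1, n - 1)

def simulate(n, trials, word_bits=64, seed=1):
    """Count inverted nonces with a zero top word among random nonces."""
    rng = random.Random(seed)  # seeded PRNG: simulation only, never for real nonces
    shift = word_bits * (limbs(n, word_bits) - 1)
    hits = 0
    for _ in range(trials):
        k = rng.randrange(1, n)
        if pow(k, -1, n) >> shift == 0:
            hits += 1
    return hits

if __name__ == "__main__":
    for name, n in ORDERS.items():
        p = float(p_top_word_zero(n))
        print(f"{name}: {limbs(n)} words, P(top word zero) = 2^{log2(p):.1f}")
    print("P-521 hits in 20000 signatures:", simulate(ORDERS["P-521"], 20000))
```

On P-521 the ninth word holds only 9 bits of the 521-bit order, so roughly one signature in 512 takes the shorter path, while on P-256 and P-384 the top word is full and the event has probability about 2^-64.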