5.9
MEDIUM
CVE-2018-0737
OpenSSL RSA Key Generation Cache Timing Side Channel Attack
Description

The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).

INFO

Published Date :

April 16, 2018, 6:29 p.m.

Last Modified :

Nov. 7, 2023, 2:51 a.m.

Remotely Exploitable :

Yes !

Impact Score :

3.6

Exploitability Score :

2.2
Public PoC/Exploit Available at Github

CVE-2018-0737 has a 7 public PoC/Exploit available at Github. Go to the Public Exploits tab to see the list.

Affected Products

The following products are affected by CVE-2018-0737 vulnerability. Even if cvefeed.io is aware of the exact versions of the products that are affected, the information is not represented in the table below.

ID Vendor Product Action
1 Canonical ubuntu_linux
1 Openssl openssl
References to Advisories, Solutions, and Tools

Here, you will find a curated list of external links that provide in-depth information, practical solutions, and valuable tools related to CVE-2018-0737.

URL Resource
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/103766 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1040685 Third Party Advisory VDB Entry
https://access.redhat.com/errata/RHSA-2018:3221
https://access.redhat.com/errata/RHSA-2018:3505
https://access.redhat.com/errata/RHSA-2019:3932
https://access.redhat.com/errata/RHSA-2019:3933
https://access.redhat.com/errata/RHSA-2019:3935
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=349a41da1ad88ad87825414752a8ff5fdd6a6c3f
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787
https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/
https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/
https://security.gentoo.org/glsa/201811-21
https://security.netapp.com/advisory/ntap-20180726-0003/
https://securityadvisories.paloaltonetworks.com/Home/Detail/133
https://usn.ubuntu.com/3628-1/ Third Party Advisory
https://usn.ubuntu.com/3628-2/ Third Party Advisory
https://usn.ubuntu.com/3692-1/
https://usn.ubuntu.com/3692-2/
https://www.debian.org/security/2018/dsa-4348
https://www.debian.org/security/2018/dsa-4355
https://www.openssl.org/news/secadv/20180416.txt Vendor Advisory
https://www.oracle.com//security-alerts/cpujul2021.html
https://www.oracle.com/security-alerts/cpuapr2020.html
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
https://www.tenable.com/security/tns-2018-12
https://www.tenable.com/security/tns-2018-13
https://www.tenable.com/security/tns-2018-14
https://www.tenable.com/security/tns-2018-17

We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).

None

Updated: 1 year, 6 months ago
0 stars 0 fork 0 watcher
Born at : April 24, 2023, 3:51 p.m. This repo has been linked 1 different CVEs too.

None

Updated: 2 months, 2 weeks ago
5 stars 0 fork 0 watcher
Born at : Feb. 23, 2023, 5:42 a.m. This repo has been linked 455 different CVEs too.

None

Updated: 2 years, 3 months ago
0 stars 0 fork 0 watcher
Born at : Aug. 6, 2022, 4:57 a.m. This repo has been linked 1 different CVEs too.

Python script to search queries on Shodan. It gives a detailed inform of each result in the search, including vulnerabilities and exploits.

Python

Updated: 2 years, 9 months ago
0 stars 0 fork 0 watcher
Born at : Feb. 16, 2022, 4:15 p.m. This repo has been linked 5 different CVEs too.

Quick and easy CVE scanning for Linux systems

Python

Updated: 4 years, 5 months ago
0 stars 0 fork 0 watcher
Born at : June 4, 2020, 9:12 p.m. This repo has been linked 12 different CVEs too.

TLS - what can go wrong?

Updated: 3 months, 1 week ago
100 stars 10 fork 10 watcher
Born at : Nov. 10, 2018, 5:36 p.m. This repo has been linked 2 different CVEs too.

sslpatch for openssl & nginx

Updated: 2 years, 3 months ago
23 stars 3 fork 3 watcher
Born at : Jan. 12, 2018, 3:32 a.m. This repo has been linked 1 different CVEs too.

Results are limited to the first 15 repositories due to potential performance issues.

The following list is the news that have been mention CVE-2018-0737 vulnerability anywhere in the article.

The following table lists the changes that have been made to the CVE-2018-0737 vulnerability over time.

Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.

  • CVE Modified by [email protected]

    May. 14, 2024

    Action Type Old Value New Value
  • CVE Modified by [email protected]

    Nov. 07, 2023

    Action Type Old Value New Value
    Added Reference OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/ [No types assigned]
    Added Reference OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/ [No types assigned]
    Added Reference OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/ [No types assigned]
    Added Reference OpenSSL Software Foundation https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=349a41da1ad88ad87825414752a8ff5fdd6a6c3f [No types assigned]
    Added Reference OpenSSL Software Foundation https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787 [No types assigned]
    Removed Reference OpenSSL Software Foundation https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787
    Removed Reference OpenSSL Software Foundation https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=349a41da1ad88ad87825414752a8ff5fdd6a6c3f
    Removed Reference OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/[email protected]/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/
    Removed Reference OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/[email protected]/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/
    Removed Reference OpenSSL Software Foundation https://lists.fedoraproject.org/archives/list/[email protected]/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/
  • CVE Modified by [email protected]

    Jul. 20, 2021

    Action Type Old Value New Value
    Added Reference https://www.oracle.com//security-alerts/cpujul2021.html [No Types Assigned]
  • CVE Modified by [email protected]

    Apr. 15, 2020

    Action Type Old Value New Value
    Added Reference https://www.oracle.com/security-alerts/cpuapr2020.html [No Types Assigned]
  • CVE Modified by [email protected]

    Nov. 20, 2019

    Action Type Old Value New Value
    Added Reference https://access.redhat.com/errata/RHSA-2019:3932 [No Types Assigned]
  • CVE Modified by [email protected]

    Nov. 20, 2019

    Action Type Old Value New Value
    Added Reference https://access.redhat.com/errata/RHSA-2019:3935 [No Types Assigned]
    Added Reference https://access.redhat.com/errata/RHSA-2019:3933 [No Types Assigned]
  • CWE Remap by [email protected]

    Oct. 03, 2019

    Action Type Old Value New Value
    Changed CWE CWE-310 CWE-310 CWE-327
  • CVE Modified by [email protected]

    Sep. 26, 2019

    Action Type Old Value New Value
    Added Reference https://lists.fedoraproject.org/archives/list/[email protected]/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/ [No Types Assigned]
  • CVE Modified by [email protected]

    Sep. 25, 2019

    Action Type Old Value New Value
    Added Reference https://lists.fedoraproject.org/archives/list/[email protected]/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/ [No Types Assigned]
  • CVE Modified by [email protected]

    Sep. 21, 2019

    Action Type Old Value New Value
    Added Reference https://lists.fedoraproject.org/archives/list/[email protected]/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/ [No Types Assigned]
  • CVE Modified by [email protected]

    Jul. 23, 2019

    Action Type Old Value New Value
    Added Reference https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html [No Types Assigned]
  • CVE Modified by [email protected]

    Apr. 23, 2019

    Action Type Old Value New Value
    Added Reference https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html [No Types Assigned]
  • CVE Modified by [email protected]

    Jan. 16, 2019

    Action Type Old Value New Value
    Added Reference https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html [No Types Assigned]
  • CVE Modified by [email protected]

    Dec. 21, 2018

    Action Type Old Value New Value
    Added Reference https://www.tenable.com/security/tns-2018-17 [No Types Assigned]
  • CVE Modified by [email protected]

    Dec. 20, 2018

    Action Type Old Value New Value
    Added Reference https://www.debian.org/security/2018/dsa-4355 [No Types Assigned]
  • CVE Modified by [email protected]

    Dec. 01, 2018

    Action Type Old Value New Value
    Added Reference https://www.debian.org/security/2018/dsa-4348 [No Types Assigned]
  • CVE Modified by [email protected]

    Nov. 29, 2018

    Action Type Old Value New Value
    Added Reference https://security.gentoo.org/glsa/201811-21 [No Types Assigned]
  • CVE Modified by [email protected]

    Nov. 07, 2018

    Action Type Old Value New Value
    Added Reference https://access.redhat.com/errata/RHSA-2018:3505 [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 31, 2018

    Action Type Old Value New Value
    Added Reference https://access.redhat.com/errata/RHSA-2018:3221 [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 24, 2018

    Action Type Old Value New Value
    Added Reference https://www.tenable.com/security/tns-2018-14 [No Types Assigned]
    Added Reference https://www.tenable.com/security/tns-2018-13 [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 17, 2018

    Action Type Old Value New Value
    Added Reference http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html [No Types Assigned]
  • CVE Modified by [email protected]

    Oct. 12, 2018

    Action Type Old Value New Value
    Added Reference https://securityadvisories.paloaltonetworks.com/Home/Detail/133 [No Types Assigned]
  • CVE Modified by [email protected]

    Sep. 19, 2018

    Action Type Old Value New Value
    Added Reference https://www.tenable.com/security/tns-2018-12 [No Types Assigned]
  • CVE Modified by [email protected]

    Aug. 24, 2018

    Action Type Old Value New Value
    Added Reference https://nodejs.org/en/blog/vulnerability/august-2018-security-releases/ [No Types Assigned]
  • CVE Modified by [email protected]

    Jul. 29, 2018

    Action Type Old Value New Value
    Added Reference https://lists.debian.org/debian-lts-announce/2018/07/msg00043.html [No Types Assigned]
  • CVE Modified by [email protected]

    Jul. 28, 2018

    Action Type Old Value New Value
    Added Reference https://security.netapp.com/advisory/ntap-20180726-0003/ [No Types Assigned]
  • CVE Modified by [email protected]

    Jun. 28, 2018

    Action Type Old Value New Value
    Added Reference https://usn.ubuntu.com/3692-2/ [No Types Assigned]
    Added Reference https://usn.ubuntu.com/3692-1/ [No Types Assigned]
  • Initial Analysis by [email protected]

    May. 23, 2018

    Action Type Old Value New Value
    Added CVSS V2 (AV:N/AC:M/Au:N/C:P/I:N/A:N)
    Added CVSS V3 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
    Changed Reference Type https://usn.ubuntu.com/3628-1/ No Types Assigned https://usn.ubuntu.com/3628-1/ Third Party Advisory
    Changed Reference Type http://www.securitytracker.com/id/1040685 No Types Assigned http://www.securitytracker.com/id/1040685 Third Party Advisory, VDB Entry
    Changed Reference Type https://usn.ubuntu.com/3628-2/ No Types Assigned https://usn.ubuntu.com/3628-2/ Third Party Advisory
    Changed Reference Type https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787 No Types Assigned https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6939eab03a6e23d2bd2c3f5e34fe1d48e542e787 Patch, Vendor Advisory
    Changed Reference Type https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=349a41da1ad88ad87825414752a8ff5fdd6a6c3f No Types Assigned https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=349a41da1ad88ad87825414752a8ff5fdd6a6c3f Patch, Vendor Advisory
    Changed Reference Type http://www.securityfocus.com/bid/103766 No Types Assigned http://www.securityfocus.com/bid/103766 Third Party Advisory, VDB Entry
    Changed Reference Type https://www.openssl.org/news/secadv/20180416.txt No Types Assigned https://www.openssl.org/news/secadv/20180416.txt Vendor Advisory
    Added CWE CWE-310
    Added CPE Configuration OR *cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from (including) 1.0.2b up to (including) 1.0.2o *cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:* versions from (including) 1.1.0 up to (including) 1.1.0h
    Added CPE Configuration OR *cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* *cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
  • CVE Modified by [email protected]

    Apr. 21, 2018

    Action Type Old Value New Value
    Added Reference https://usn.ubuntu.com/3628-2/ [No Types Assigned]
    Added Reference https://usn.ubuntu.com/3628-1/ [No Types Assigned]
  • CVE Modified by [email protected]

    Apr. 18, 2018

    Action Type Old Value New Value
    Added Reference http://www.securitytracker.com/id/1040685 [No Types Assigned]
    Added Reference http://www.securityfocus.com/bid/103766 [No Types Assigned]
EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days. Following chart shows the EPSS score history of the vulnerability.
CWE - Common Weakness Enumeration

While CVE identifies specific instances of vulnerabilities, CWE categorizes the common flaws or weaknesses that can lead to vulnerabilities. CVE-2018-0737 is associated with the following CWEs:

Exploit Prediction

EPSS is a daily estimate of the probability of exploitation activity being observed over the next 30 days.

1.04 }} 0.01%

score

0.84127

percentile

CVSS30 - Vulnerability Scoring System
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability