CVE-2016-0702: Infoleak

Published Feb 22, 2016

As per the upstream security advisory:

A side-channel attack was found which makes use of cache-bank conflicts on the Intel Sandy-Bridge microarchitecture which could lead to the recovery of RSA keys. The ability to exploit this issue is limited as it relies on an attacker who has control of code in a thread running on the same hyper-threaded core as the victim thread which is performing decryptions.

This issue affects OpenSSL versions 1.0.2 and 1.0.1.

OpenSSL 1.0.2 users should upgrade to 1.0.2g
OpenSSL 1.0.1 users should upgrade to 1.0.1s

This issue was reported to OpenSSL on Jan 8th 2016 by Yuval Yarom, The University of Adelaide and NICTA, Daniel Genkin, Technion and Tel Aviv University, and Nadia Heninger, University of Pennsylvania with more information at http://cachebleed.info. The fix was developed by Andy Polyakov of OpenSSL.

Other sources

LibreSSL. Multiple issues were addressed by updating to libressl version 2.6.4.

The MOD_EXP_CTIME_COPY_FROM_PREBUF function in crypto/bn/bn_exp.c in OpenSSL 1.0.1 before 1.0.1s and 1.0.2 before 1.0.2g does not properly consider cache-bank access times during modular exponentiation, which makes it easier for local users to discover RSA keys by running a crafted application on the same Intel Sandy Bridge CPU core as a victim and leveraging cache-bank conflicts, aka a "CacheBleed" attack.

MITRE

Credit

CVE-2015-3194, CVE-2015-5333, CVE-2015-5334, CVE-2016-0702

Affected Software

43 affected components. Fixes available.
redhat/openssl<1.0.1
1.0.1
redhat/openssl<1.0.2
1.0.2
Apple macOS Mojave<10.14
10.14
OpenSSL OpenSSL=1.0.1
OpenSSL OpenSSL=1.0.1-beta1
OpenSSL OpenSSL=1.0.1-beta2
OpenSSL OpenSSL=1.0.1-beta3
OpenSSL OpenSSL=1.0.1a
OpenSSL OpenSSL=1.0.1b
OpenSSL OpenSSL=1.0.1c
OpenSSL OpenSSL=1.0.1d
OpenSSL OpenSSL=1.0.1e
OpenSSL OpenSSL=1.0.1f
OpenSSL OpenSSL=1.0.1g
OpenSSL OpenSSL=1.0.1h
OpenSSL OpenSSL=1.0.1i
OpenSSL OpenSSL=1.0.1j
OpenSSL OpenSSL=1.0.1k
OpenSSL OpenSSL=1.0.1l
OpenSSL OpenSSL=1.0.1m
OpenSSL OpenSSL=1.0.1n
OpenSSL OpenSSL=1.0.1o
OpenSSL OpenSSL=1.0.1p
OpenSSL OpenSSL=1.0.1q
OpenSSL OpenSSL=1.0.1r
OpenSSL OpenSSL=1.0.2
OpenSSL OpenSSL=1.0.2-beta1
OpenSSL OpenSSL=1.0.2-beta2
OpenSSL OpenSSL=1.0.2-beta3
OpenSSL OpenSSL=1.0.2a
OpenSSL OpenSSL=1.0.2b
OpenSSL OpenSSL=1.0.2c
OpenSSL OpenSSL=1.0.2d
OpenSSL OpenSSL=1.0.2e
OpenSSL OpenSSL=1.0.2f
Nodejs Node.js>=4.0.0<=4.1.2
Nodejs Node.js>=4.2.0<4.3.2
Nodejs Node.js>=5.0.0<5.7.1
Debian Debian Linux=7.0
Debian Debian Linux=8.0
Canonical Ubuntu Linux=12.04
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=15.10

Event History

Mar 3, 2016
CVE Published
via MITRE·12:00 AM
Data Sourced
via MITRE·12:00 AM
Description


Frequently Asked Questions

1. What is CVE-2016-0702?

CVE-2016-0702 is a vulnerability in OpenSSL that allows local users to discover RSA keys.

2. How severe is CVE-2016-0702?

CVE-2016-0702 has a severity rating of 5.1 (medium).

3. Which software is affected by CVE-2016-0702?

OpenSSL versions 1.0.1 to 1.0.1s and 1.0.2 to 1.0.2g are affected by CVE-2016-0702.

4. How do I fix CVE-2016-0702?

To fix CVE-2016-0702, update OpenSSL to version 1.0.1t or 1.0.2h.

5. Where can I find more information about CVE-2016-0702?

You can find more information about CVE-2016-0702 at the following links: http://cachebleed.info and https://www.openssl.org/news/secadv/20160301.txt.
