Vulnerabilities > CVE-2016-6489 - Information Exposure Through Discrepancy vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
NONE Availability impact
NONE Summary
The RSA and DSA decryption code in Nettle makes it easier for attackers to discover private keys via a cache side channel attack.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
Nessus
NASL family Huawei Local Security Checks NASL id EULEROS_SA-2016-1061.NASL description According to the versions of the nettle packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Nettle is a cryptographic library that is designed to fit easily in more or less any context: In crypto toolkits for object-oriented languages(C++, Python, Pike, ...), in applications like LSH or GNUPG, or even in kernel space. - Secure Fix(es): - The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8805.(CVE-2015-8803) - x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors.(CVE-2015-8804) - The ecc_256_modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8803.(CVE-2015-8805) - It was found that nettle last seen 2020-05-06 modified 2017-05-01 plugin id 99823 published 2017-05-01 reporter This script is Copyright (C) 2017-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/99823 title EulerOS 2.0 SP1 : nettle (EulerOS-SA-2016-1061) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201706-21.NASL description The remote host is affected by the vulnerability described in GLSA-201706-21 (nettle: Information disclosure) It was found that nettle’s RSA and DSA decryption code was vulnerable to cache-related side channel attacks. See the referenced technical paper “Cache Attacks Enable Bulk Key Recovery on the Cloud” below for details. Impact : An attacker could recover the private key from a co-located virtual-machine instance. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 101016 published 2017-06-23 reporter This script is Copyright (C) 2017-2018 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/101016 title GLSA-201706-21 : nettle: Information disclosure NASL family SuSE Local Security Checks NASL id SUSE_SU-2017-1481-1.NASL description This update for libnettle fixes the following issues : - CVE-2016-6489 : - Reject invalid RSA keys with even modulo. - Check for invalid keys, with even p, in dsa_sign(). - Use function mpz_powm_sec() instead of mpz_powm() (bsc#991464). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 100614 published 2017-06-05 reporter This script is Copyright (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/100614 title SUSE SLED12 / SLES12 Security Update : libnettle (SUSE-SU-2017:1481-1) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0119_NETTLE.NASL description An update of the nettle package has been released. last seen 2020-03-17 modified 2019-02-07 plugin id 121816 published 2019-02-07 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121816 title Photon OS 1.0: Nettle PHSA-2018-1.0-0119 NASL family Oracle Linux Local Security Checks NASL id ORACLELINUX_ELSA-2016-2582.NASL description From Red Hat Security Advisory 2016:2582 : An update for nettle is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Nettle is a cryptographic library that is designed to fit easily in almost any context: In cryptographic toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like lsh or GnuPG, or even in kernel space. Security Fix(es) : * Multiple flaws were found in the way nettle implemented elliptic curve scalar multiplication. These flaws could potentially introduce cryptographic weaknesses into nettle last seen 2020-06-01 modified 2020-06-02 plugin id 94704 published 2016-11-11 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94704 title Oracle Linux 7 : nettle (ELSA-2016-2582) NASL family CentOS Local Security Checks NASL id CENTOS_RHSA-2016-2582.NASL description An update for nettle is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Nettle is a cryptographic library that is designed to fit easily in almost any context: In cryptographic toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like lsh or GnuPG, or even in kernel space. Security Fix(es) : * Multiple flaws were found in the way nettle implemented elliptic curve scalar multiplication. These flaws could potentially introduce cryptographic weaknesses into nettle last seen 2020-06-01 modified 2020-06-02 plugin id 95329 published 2016-11-28 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95329 title CentOS 7 : nettle (CESA-2016:2582) NASL family Ubuntu Local Security Checks NASL id UBUNTU_USN-3193-1.NASL description It was discovered that Nettle incorrectly mitigated certain timing side-channel attacks. A remote attacker could possibly use this flaw to recover private keys. Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 97050 published 2017-02-07 reporter Ubuntu Security Notice (C) 2017-2019 Canonical, Inc. / NASL script (C) 2017-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/97050 title Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS / 16.10 : nettle vulnerability (USN-3193-1) NASL family Scientific Linux Local Security Checks NASL id SL_20161103_NETTLE_ON_SL7_X.NASL description Security Fix(es) : - Multiple flaws were found in the way nettle implemented elliptic curve scalar multiplication. These flaws could potentially introduce cryptographic weaknesses into nettle last seen 2020-03-18 modified 2016-12-15 plugin id 95849 published 2016-12-15 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95849 title Scientific Linux Security Update : nettle on SL7.x x86_64 (20161103) NASL family SuSE Local Security Checks NASL id OPENSUSE-2017-675.NASL description This update for libnettle fixes the following issues : - CVE-2016-6489 : - Reject invalid RSA keys with even modulo. - Check for invalid keys, with even p, in dsa_sign(). - Use function mpz_powm_sec() instead of mpz_powm() (bsc#991464). This update was imported from the SUSE:SLE-12:Update update project. last seen 2020-06-05 modified 2017-06-13 plugin id 100753 published 2017-06-13 reporter This script is Copyright (C) 2017-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/100753 title openSUSE Security Update : libnettle (openSUSE-2017-675) NASL family Red Hat Local Security Checks NASL id REDHAT-RHSA-2016-2582.NASL description An update for nettle is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Nettle is a cryptographic library that is designed to fit easily in almost any context: In cryptographic toolkits for object-oriented languages, such as C++, Python, or Pike, in applications like lsh or GnuPG, or even in kernel space. Security Fix(es) : * Multiple flaws were found in the way nettle implemented elliptic curve scalar multiplication. These flaws could potentially introduce cryptographic weaknesses into nettle last seen 2020-06-01 modified 2020-06-02 plugin id 94545 published 2016-11-04 reporter This script is Copyright (C) 2016-2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/94545 title RHEL 7 : nettle (RHSA-2016:2582) NASL family Fedora Local Security Checks NASL id FEDORA_2016-762CB57C92.NASL description Nettle 3.3: https://lists.gnu.org/archive/html/info-gnu/2016-10/msg00003.html GnuTLS 3.5.5: https://lists.gnupg.org/pipermail/gnutls-devel/2016-October/008194.htm l Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-05 modified 2016-11-21 plugin id 95005 published 2016-11-21 reporter This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/95005 title Fedora 25 : mingw-gnutls / mingw-nettle (2016-762cb57c92) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2018-1_0-0119.NASL description An update of 'nettle' packages of Photon OS has been released. last seen 2019-02-08 modified 2019-02-07 plugin id 111925 published 2018-08-17 reporter Tenable source https://www.tenable.com/plugins/index.php?view=single&id=111925 title Photon OS 1.0: Nettle PHSA-2018-1.0-0119 (deprecated) NASL family Debian Local Security Checks NASL id DEBIAN_DLA-593.NASL description The cryptographic library nettle had a potential information leak problem reported. CVE-2016-6489 RSA code is vulnerable to cache sharing related attacks. For Debian 7 last seen 2020-03-17 modified 2016-08-12 plugin id 92874 published 2016-08-12 reporter This script is Copyright (C) 2016-2020 Tenable Network Security, Inc. source https://www.tenable.com/plugins/nessus/92874 title Debian DLA-593-1 : nettle security update
Redhat
| advisories |
| ||||||||||||||||||||||||||||||||||||||||||||||||||||
| rpms |
|
References
- https://git.lysator.liu.se/nettle/nettle/commit/3fe1d6549765ecfb24f0b80b2ed086fdc818bff3
- https://eprint.iacr.org/2016/596.pdf
- https://bugzilla.redhat.com/show_bug.cgi?id=1362016
- http://www.ubuntu.com/usn/USN-3193-1
- http://www.openwall.com/lists/oss-security/2016/07/29/7
- http://rhn.redhat.com/errata/RHSA-2016-2582.html
- https://security.gentoo.org/glsa/201706-21
- https://www.oracle.com/security-alerts/cpuapr2020.html