FreeBSD : gnupg -- side channel attack on RSA secret keys (80771b89-f57b-11e2-bf21-b499baab0cbe)

This script is Copyright (C) 2013 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

A Yarom and Falkner paper reports :

Flush+Reload is a cache side-channel attack that monitors access to
data in shared pages. In this paper we demonstrate how to use the
attack to extract private encryption keys from GnuPG. The high
resolution and low noise of the Flush+Reload attack enables a spy
program to recover over 98% of the bits of the private key in a single
decryption or signing round. Unlike previous attacks, the attack
targets the last level L3 cache. Consequently, the spy program and the
victim do not need to share the execution core of the CPU. The attack
is not limited to a traditional OS and can be used in a virtualised
environment, where it can attack programs executing in a different VM.

See also :

http://eprint.iacr.org/2013/448
http://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000330.html
http://www.nessus.org/u?59ad8d1c

Solution :

Update the affected package.

Risk factor :

High

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 69065 ()

Bugtraq ID:

CVE ID:

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now