FreeBSD : gnupg -- side channel attack on RSA secret keys (80771b89-f57b-11e2-bf21-b499baab0cbe)

high Nessus Plugin ID 69065

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

A Yarom and Falkner paper reports :

Flush+Reload is a cache side-channel attack that monitors access to data in shared pages. In this paper we demonstrate how to use the attack to extract private encryption keys from GnuPG. The high resolution and low noise of the Flush+Reload attack enables a spy program to recover over 98% of the bits of the private key in a single decryption or signing round. Unlike previous attacks, the attack targets the last level L3 cache. Consequently, the spy program and the victim do not need to share the execution core of the CPU. The attack is not limited to a traditional OS and can be used in a virtualised environment, where it can attack programs executing in a different VM.

Solution

Update the affected package.

See Also

https://eprint.iacr.org/2013/448

https://lists.gnupg.org/pipermail/gnupg-announce/2013q3/000330.html

http://www.nessus.org/u?a46bae75

Plugin Details

Severity: High

ID: 69065

File Name: freebsd_pkg_80771b89f57b11e2bf21b499baab0cbe.nasl

Version: 1.6

Type: local

Published: 7/26/2013

Updated: 1/6/2021

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:gnupg, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 7/25/2013

Vulnerability Publication Date: 7/18/2013