tech-security archive


NetBSD Security Advisory 2008-008: OpenSSL Montgomery multiplication



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


                 NetBSD Security Advisory 2008-008
                 =================================

Topic:          OpenSSL Montgomery multiplication

Version:        NetBSD-current:         affected
                NetBSD-4.0:             affected
                pkgsrc:                 openssl packages prior to 0.9.8g

Severity:       Local information disclosure

Fixed:          NetBSD-current:         April 10, 2008
                NetBSD-4-0 branch:      April 13, 2008
                        (4.0.1 will include the fix)
                NetBSD-4 branch:        April 13, 2008
                        (4.1 will include the fix)
                pkgsrc:                 openssl-0.9.8g corrects the issue


Abstract
========

A local attacker may be able to retrieve another user's RSA private keys.

This vulnerability has been assigned CVE-2007-3108.


Technical Details
=================

Because OpenSSL does not properly perform Montgomery multiplication,
a local attacker may be able to launch a side-channel attack to
retrieve a user's private RSA keys.


Solutions and Workarounds
=========================

The following instructions describe how to upgrade your OpenSSL
binaries by updating your source tree and rebuilding and
installing a new version of OpenSSL.

* NetBSD-current:

        Systems running NetBSD-current dated from before 2008-04-10
        should be upgraded to NetBSD-current dated 2008-04-11 or later.

        The following files/directories need to be updated from the
        netbsd-current CVS branch (aka HEAD):
                crypto/dist/openssl/crypto/bn/bn_mont.c

        To update from CVS, re-build, and re-install OpenSSL:

                # cd src
                # cvs update crypto/dist/openssl/crypto/bn/bn_mont.c
                # cd lib/libcrypt
                # make USETOOLS=no cleandir dependall
                # cd ../../lib/libcrypto
                # make USETOOLS=no cleandir dependall
                # make USETOOLS=no install
                

* NetBSD 4.*:

        Systems running NetBSD 4.* sources dated from before
        2008-04-13 should be upgraded from NetBSD 4.* sources dated
        2008-04-14 or later.

        The following files/directories need to be updated from the
        netbsd-4 or netbsd-4-0 branches:
                crypto/dist/openssl/crypto/bn/bn_mont.c

        To update from CVS, re-build, and re-install OpenSSL:

                # cd src
                # cvs update -r <branch_name> \
                        crypto/dist/openssl/crypto/bn/bn_mont.c
                # cd lib/libcrypt
                # make USETOOLS=no cleandir dependall
                # cd ../../lib/libcrypto
                # make USETOOLS=no cleandir dependall
                # make USETOOLS=no install


Revision History
================

        2008-05-08      Initial release


More Information
================

Advisories may be updated as new information becomes available.
The most recent version of this advisory (PGP signed) can be found at 
  ftp://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2008-008.txt.asc

Information about NetBSD and NetBSD security can be found at
http://www.NetBSD.org/ and http://www.NetBSD.org/Security/.


Copyright 2008, The NetBSD Foundation, Inc.  All Rights Reserved.
Redistribution permitted only in full, unmodified form.

$NetBSD: NetBSD-SA2008-008.txt,v 1.1 2008/05/06 21:36:26 adrianp Exp $

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (NetBSD)

iQCVAwUBSCDPdz5Ru2/4N2IFAQLhkAQAvGwMhunQF8caeQNQF63vnzbZKtkTy1hr
IRUNiKOqNL2M6YZhq75laX+aCEHjYhfSuLICAQ0RcGaS7+KZepMiAAgbvCeNuuBH
BhKppz5UX3K+js8LzITa1XfrKy5snW6LR7as0aRG/OSpyieEJ4goui9MkfqpvYn1
kzP/Dw0nO7E=
=G5x7
-----END PGP SIGNATURE-----
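
The following is an added example, not part of the NetBSD advisory: a shell check for the pkgsrc line of the Version table ("openssl packages prior to 0.9.8g"). It does not apply to the base-system OpenSSL, which the advisory fixes by updating bn_mont.c rather than by a version change. The function names and the sample package names in the comments are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the advisory): is a pkgsrc OpenSSL package name
# older than openssl-0.9.8g, the version the advisory says corrects the issue?
#
# Exit status: 0 = prior to 0.9.8g (affected)
#              1 = 0.9.8g or later
#              2 = name not recognised as an openssl package
openssl_pkg_is_affected() {
    printf '%s\n' "$1" | awk -v fixed="0.9.8g" '
        # Build a string key that sorts in version order:
        # "0.9.8f" -> "00000.00009.00008.f"
        function key(v,    n, p, i, k, num, letter) {
            num = v
            sub(/[a-z]+$/, "", num)              # numeric part, e.g. "0.9.8"
            letter = substr(v, length(num) + 1)  # patch letter(s); may be empty
            n = split(num, p, ".")
            k = ""
            for (i = 1; i <= 3; i++)
                k = k sprintf("%05d.", (i <= n) ? p[i] : 0)
            return k letter
        }
        {
            v = $0
            if (v !~ /^openssl-[0-9]+(\.[0-9]+)*[a-z]*(nb[0-9]+)?$/)
                exit 2
            sub(/^openssl-/, "", v)    # drop the package base name
            sub(/nb[0-9]+$/, "", v)    # drop the pkgsrc revision suffix (nbN)
            exit (key(v) < key(fixed)) ? 0 : 1
        }'
}

# Check the package installed on this host. pkg_info -e prints the name of
# the best matching installed package and fails if none is installed.
check_installed_openssl() {
    pkg=$(pkg_info -e openssl 2>/dev/null) || {
        echo "no pkgsrc openssl package installed"
        return 0
    }
    rc=0
    openssl_pkg_is_affected "$pkg" || rc=$?
    case $rc in
        0) echo "$pkg: prior to 0.9.8g, update the package" ;;
        1) echo "$pkg: 0.9.8g or later" ;;
        *) echo "$pkg: version not recognised, check manually" ;;
    esac
    return "$rc"
}
```

Run check_installed_openssl on a host with pkgsrc packages; openssl_pkg_is_affected can also be fed names taken from an inventory list.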



