Re: [openssl-users] CVE-201-0737
On 16/04/18 0935PDT, Matt Caswell wrote: >On 16/04/18 16:59, Scott Neugroschl wrote: >> Hi, >> >> I'm trying to make sure I have grokked this advisory properly. >> >> The advisory says this is a cache timing side channel attack on key >> generation. So am I correct in assuming that a potential attacker must >> >> 1) Already have access to the system >> 2) Have sufficient privilege to be able to access cache info > >Correct. Thanks, Matt! --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 | -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
Re: [openssl-users] CVE-201-0737
On 16/04/18 16:59, Scott Neugroschl wrote: > Hi, > > I'm trying to make sure I have grokked this advisory properly. > > The advisory says this is a cache timing side channel attack on key > generation. So am I correct in assuming that a potential attacker must > > 1) Already have access to the system > 2) Have sufficient privilege to be able to access cache info Correct. Matt -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
[openssl-users] CVE-201-0737
Hi, I'm trying to make sure I have grokked this advisory properly. The advisory says this is a cache timing side channel attack on key generation. So am I correct in assuming that a potential attacker must 1) Already have access to the system 2) Have sufficient privilege to be able to access cache info Or am I completely mistaken here? Thanks, ScottN --- Scott Neugroschl | XYPRO Technology Corporation 4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 | -- openssl-users mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users