Summary
A timing-based side channel exists in the OpenSSL RSA decryption implementation that could be used to recover a plaintext across a network with a Bleichenbacher-style attack. An attacker would have to send a large number of trial messages to achieve a successful decryption. All RSA padding modes are affected by the vulnerability. After a large number of messages, the attacker could recover the pre-master secret used for the original connection.
Products Potentially Affected
| OS/Product | Exposure |
| --- | --- |
| Network OS | Yes |
Repair Recommendations
Fixed in 7.4.1h or later (target GA: September 2023).
Please see the full security advisory article here for more details and updates.