Want more timely Centmin Mod News Updates?
Become a Member

Security New PortSmash side-channel vulnerability - Cpu's with HT affected

Discussion in 'CentOS, Redhat & Oracle Linux News' started by Revenge, Nov 3, 2018.

  1. Revenge

    Revenge Active Member

    469
    93
    28
    Feb 21, 2016
    Portugal
    Ratings:
    +354
    Local Time:
    10:05 PM
    1.9.x
    10.1.x
    Intel CPUs impacted by new PortSmash side-channel vulnerability | ZDNet

     
  2. eva2000

    eva2000 Administrator Staff Member

    52,727
    12,074
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,601
    Local Time:
    7:05 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Here we go again ! Thanks @Revenge for the heads up. Seems future is to go with HT disabled on servers so AMD EPYC might be more ideal given still higher number of cpu cores after HT is disabled.
     
  3. Revenge

    Revenge Active Member

    469
    93
    28
    Feb 21, 2016
    Portugal
    Ratings:
    +354
    Local Time:
    10:05 PM
    1.9.x
    10.1.x
    If anyone wants to try the exploit, here is a proof of concept.

    bbbrumley/portsmash

    This one steals the private key from a TLS session, but it can be changed to steal anything.
     
  4. eva2000

    eva2000 Administrator Staff Member

    52,727
    12,074
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,601
    Local Time:
    7:05 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    seems to require openssl 1.1.0h or lower ? Centmin Mod Nginx uses 1.1.0i or 1.1.1 out of box now in 123.09beta01
     
  5. Revenge

    Revenge Active Member

    469
    93
    28
    Feb 21, 2016
    Portugal
    Ratings:
    +354
    Local Time:
    10:05 PM
    1.9.x
    10.1.x
    For that proof of concept. Anyone with the know how, can change the exploit to steal 1.0.0i or 1.1.1.
     
  6. eva2000

    eva2000 Administrator Staff Member

    52,727
    12,074
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,601
    Local Time:
    7:05 AM
    Nginx 1.27.x
    MariaDB 10.x/11.4+
    Ah I see :)
    OpenSSL folks seem to be working on commits in their master branch for this openssl/openssl