CVE-2018-0495

MEDIUM

Libgcrypt < 1.7.10 and 1.8.x < 1.8.3 - ECDSA Key Discovery via Memory-Cache Side-Channel Attack

Exploitation Summary

EIP tracks 2 public exploits for CVE-2018-0495. PoCs published by vaishakhcv, winterwolf32.

AI-analyzed exploit summary: This repository contains a functional exploit for CVE-2018-0495, a side-channel vulnerability in OpenSSL's ECDSA implementation. The PoC uses a Flush+Reload attack to extract private keys from a vulnerable OpenSSL server.

Description

Libgcrypt before 1.7.10 and 1.8.x before 1.8.3 allows a memory-cache side-channel attack on ECDSA signatures that can be mitigated through the use of blinding during the signing process in the _gcry_ecc_ecdsa_sign function in cipher/ecc-ecdsa.c, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.

Exploits (2)

github WORKING POC 1 stars
by vaishakhcv · perlpoc
https://github.com/vaishakhcv/CVE-exploits/tree/master/CVE-2018-0495

This repository contains a functional exploit for CVE-2018-0495, a side-channel vulnerability in OpenSSL's ECDSA implementation. The PoC uses a Flush+Reload attack to extract private keys from a vulnerable OpenSSL server.

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Complex
Reliability: Reliable
Target: OpenSSL 1.1.0h
No auth needed
Prerequisites: vulnerable OpenSSL version · local access or co-located execution · specific CPU features for Flush+Reload
devstral-2 · analyzed Feb 27, 2026

github WORKING POC
by winterwolf32 · perlpoc
https://github.com/winterwolf32/CVE_Exploits-/tree/master/CVE-2018-0495

This repository contains a functional exploit for CVE-2018-0495, a side-channel vulnerability in OpenSSL's ECDSA implementation. The PoC uses a Flush+Reload attack to extract private keys from a vulnerable OpenSSL server.

Classification: Working PoC 95%
Attack Type: Info Leak
Complexity: Complex
Reliability: Reliable
Target: OpenSSL 1.1.0h
No auth needed
Prerequisites: vulnerable OpenSSL version · local access or specific conditions for side-channel attack
devstral-2 · analyzed Feb 27, 2026

References (21)

Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1041144
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3850-1/
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1041147
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3689-1/
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3689-2/
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3692-2/
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/06/msg00013.html
Third Party Advisory vendor-advisory x_refsource_debian
https://www.debian.org/security/2018/dsa-4231
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:3505
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3850-2/
Third Party Advisory vendor-advisory x_refsource_ubuntu
https://usn.ubuntu.com/3692-1/
Third Party Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2018:3221
Patch, Vendor Advisory x_refsource_misc
https://dev.gnupg.org/T4011
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1297
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1296
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:1543
Vendor Advisory vendor-advisory x_refsource_redhat
https://access.redhat.com/errata/RHSA-2019:2237

Scores

CVSS v3 4.7
EPSS 0.0089
EPSS Percentile 54.5%
Attack Vector LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Details

CWE CWE-203
Status published
Products (14)
canonical/ubuntu_linux 12.04
canonical/ubuntu_linux 14.04
canonical/ubuntu_linux 16.04
canonical/ubuntu_linux 17.10
canonical/ubuntu_linux 18.04
canonical/ubuntu_linux 18.10
debian/debian_linux 8.0
debian/debian_linux 9.0
gnupg/libgcrypt < 1.7.10
oracle/traffic_director 11.1.1.9.0
... and 4 more
Published Jun 13, 2018
Tracked Since Feb 18, 2026