[openssl-users] CVE-201-0737
Scott Neugroschl
scott_n at xypro.com
Mon Apr 16 15:59:58 UTC 2018
Hi,
I'm trying to make sure I have grokked this advisory properly.
The advisory says this is a cache timing side channel attack on key generation. So am I correct in assuming that a potential attacker must
1) Already have access to the system
2) Have sufficient privilege to be able to access cache info
Or am I completely mistaken here?
Thanks,
ScottN
---
Scott Neugroschl | XYPRO Technology Corporation
4100 Guardian Street | Suite 100 |Simi Valley, CA 93063 | Phone 805 583-2874|Fax 805 583-0124 |
More information about the openssl-users
mailing list