[openssl-users] CVE-201-0737

Matt Caswell matt at openssl.org
Mon Apr 16 16:35:09 UTC 2018

On 16/04/18 16:59, Scott Neugroschl wrote:
> Hi,
> I'm trying to make sure I have grokked this advisory properly.
> The advisory says this is a cache timing side channel attack on key generation.   So am I correct in assuming that a potential attacker must
> 1) Already have access to the system
> 2) Have sufficient privilege to be able to access cache info



More information about the openssl-users mailing list