CVE 2018-0735
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fixed in OpenSSL 1.1.1a (Affected 1.1.1).
Related bugs and status
CVE-2018-0735 (Candidate) is related to these bugs:
Bug #1797386: [SRU] OpenSSL 1.1.1 to 18.04 LTS
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | openssl (Ubuntu) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | openssl (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | libio-socket-ssl-perl (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | libnet-ssleay-perl (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python-cryptography (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python2.7 (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python3.6 (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python3.7 (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | r-cran-openssl (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | ruby-openssl (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | ruby2.5 (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | libwww-perl (Ubuntu) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | libwww-perl (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python-tornado (Ubuntu Bionic) | Undecided | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
