CVE 2018-0737
The OpenSSL RSA Key generation algorithm has been shown to be vulnerable to a cache timing side channel attack. An attacker with sufficient access to mount cache timing attacks during the RSA key generation process could recover the private key. Fixed in OpenSSL 1.1.0i-dev (Affected 1.1.0-1.1.0h). Fixed in OpenSSL 1.0.2p-dev (Affected 1.0.2b-1.0.2o).
Related bugs and status
CVE-2018-0737 (Candidate) is related to these bugs:
Bug #1797386: [SRU] OpenSSL 1.1.1 to 18.04 LTS
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | openssl (Ubuntu) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | openssl (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | libio-socket-ssl-perl (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | libnet-ssleay-perl (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python-cryptography (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python2.7 (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python3.6 (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python3.7 (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | r-cran-openssl (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | ruby-openssl (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | ruby2.5 (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | libwww-perl (Ubuntu) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | libwww-perl (Ubuntu Bionic) | Undecided | Fix Released | ||
| 1797386 | [SRU] OpenSSL 1.1.1 to 18.04 LTS | python-tornado (Ubuntu Bionic) | Undecided | Fix Released | ||
Bug #1811531: remote execution vulnerability
| Summary | In | Importance | Status | |||
|---|---|---|---|---|---|---|
| 1811531 | remote execution vulnerability | zeromq3 (Ubuntu) | Undecided | Fix Released | ||
| 1811531 | remote execution vulnerability | zeromq3 (Debian) | Unknown | Fix Released | ||
| 1811531 | remote execution vulnerability | zeromq (Suse) | High | Fix Released | ||
See the 
CVE page on Mitre.org
for more details.
