CVE-2023-6240

Marvin vulnerability: side-channel leakage in the RSA decryption operation

References

Notes

 bwh> According to 
 bwh> this was fixed in RHEL kernel version 4.18.0-553.5.1.el8_10.
 bwh> Comparing the source with version 4.18.0-553.el8_10, I found
 bwh> backports of commit 78a0324f4a53 "crypto: akcipher - default
 bwh> implementations for request callbacks" and commit 0507de940499
 bwh> "crypto: testmgr - split akcipher tests by a key type" plus
 bwh> changes to disable private key operations completely, which
 bwh> I've extracted as
 bwh> .
 bwh> These operations have neither been fixed nor disabled upstream
 bwh> as of 6.13-rc4.

Bugs

Status

Branch                    Status
upstream                  needed
6.18-upstream-stable
6.17-upstream-stable
6.12-upstream-stable
6.6-upstream-stable
6.1-upstream-stable       needed
5.10-upstream-stable      needed
4.19-upstream-stable      needed
sid                       needed
6.12-trixie-security      needed
6.1-bookworm-security     needed
5.10-bullseye-security    needed
4.19-buster-security      needed