OpenSSL have published a security advisory. Here's how it affects BoringSSL:

| CVE | Summary | Severity in OpenSSL | Impact to BoringSSL |
|---|---|---|---|
| CVE-2018-5407 | Microarchitecture timing vulnerability in ECC scalar multiplication | Low | Not affected, see discussion below |

This is a low-severity side-channel issue in OpenSSL’s ECC code. BoringSSL is not affected since we undertook a significant rewrite of the ECC code to eliminate such side-channels.

More interestingly, the attack appears to use a new method for extracting information from non-constant-time code, called PortSmash by the authors. They provoke contention on execution ports across hyperthreads and measure the resulting timing differences.

However, this is just another way of extracting information from non-constant-time code. It does not make any instruction patterns vulnerable that were previously believed to be safe.
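
The distinction above, between code whose operation sequence depends on the secret and code whose sequence does not, shown as an added example (not BoringSSL or OpenSSL code). It assumes a toy multiplicative group modulo a 32-bit prime in place of elliptic-curve point operations; `P`, `ops`, `mul`, `pow_leaky`, `cswap`, `pow_ladder` and `ops_used` are hypothetical names.

```c
#include <stdint.h>
#include <stdio.h>
#define P 4294967291ULL /* 2^32 - 5: toy modulus, products fit in 64 bits */

static unsigned ops; /* group operations executed: models the observable sequence */

static uint64_t mul(uint64_t a, uint64_t b) { ops++; return (a * b) % P; }

/* Non-constant-time: the extra multiply runs only when the secret bit is 1. */
uint64_t pow_leaky(uint64_t g, uint32_t k) {
    uint64_t r = 1;
    g %= P;
    for (int i = 31; i >= 0; i--) {
        r = mul(r, r);
        if ((k >> i) & 1) r = mul(r, g); /* secret-dependent branch */
    }
    return r;
}

/* Branch-free conditional swap: the mask is all ones when bit == 1. */
static void cswap(uint64_t *a, uint64_t *b, uint64_t bit) {
    uint64_t t = (0 - bit) & (*a ^ *b);
    *a ^= t; *b ^= t;
}

/* Montgomery ladder: one multiply and one square per bit, whatever the key. */
uint64_t pow_ladder(uint64_t g, uint32_t k) {
    uint64_t r0 = 1, r1 = g % P;
    for (int i = 31; i >= 0; i--) {
        uint64_t bit = (k >> i) & 1;
        cswap(&r0, &r1, bit);
        r1 = mul(r0, r1);
        r0 = mul(r0, r0);
        cswap(&r0, &r1, bit);
    }
    return r0;
}

/* Group operations f performs for key k (base 3 is an arbitrary sample). */
unsigned ops_used(uint64_t (*f)(uint64_t, uint32_t), uint32_t k) {
    ops = 0;
    f(3, k);
    return ops;
}

int main(void) {
    printf("leaky:  %u vs %u ops\n", ops_used(pow_leaky, 1), ops_used(pow_leaky, 0xFFFFFFFFu));
    printf("ladder: %u vs %u ops\n", ops_used(pow_ladder, 1), ops_used(pow_ladder, 0xFFFFFFFFu));
}
```

The operation counter only models the property. Production code also needs constant-time field arithmetic, and the compiled output has to be checked because a compiler can turn a masked swap back into a branch.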