# OpenSSL Advisory: November 13th 2018 (BoringSSL Not Affected)

OpenSSL have published a [security advisory](https://openssl-library.org/news/secadv/20181112.txt). Here's how it affects BoringSSL:

CVE | Summary | [Severity] in OpenSSL | Impact to BoringSSL
----|---------|-----------------------|---------------------
CVE-2018-5407 | Microarchitecture timing vulnerability in ECC scalar multiplication | Low | Not affected, see discussion below

[Severity]: https://openssl-library.org/policies/general/security-policy/index.html#issue-severity

## CVE-2018-5407

This is a low-severity side-channel issue in OpenSSL’s ECC code. BoringSSL is not affected since we undertook a significant rewrite of the ECC code to eliminate such side-channels.

More interestingly, the attack appears to use a new method for extracting information from non-constant-time code, called [PortSmash](https://eprint.iacr.org/2018/1060.pdf) by the authors. They provoke contention on execution ports across hyperthreads and measure the resulting timing differences.

However, this is just another way of extracting information from non-constant-time code. It does not make vulnerable any instruction patterns that were previously believed to be safe.
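
To make "non-constant-time code" concrete for scalar multiplication, the following added example (not BoringSSL's or OpenSSL's code) contrasts a double-and-add loop that branches on secret scalar bits with one that runs a fixed operation sequence and selects the result with a mask. The toy group (32-bit integers under addition standing in for curve points), the function names and the `trace` buffer are assumptions; the trace models the operation sequence that a timing or port-contention observer can tell apart.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Assumption: integers mod 2^32 under addition stand in for curve points. */
typedef uint32_t point;
static point pt_add(point a, point b) { return a + b; }
static point pt_dbl(point a) { return a + a; }

/* Non-constant-time: the add executes only when the secret bit is 1, so
   the executed operation sequence is a function of the scalar k.
   trace must hold at least 65 bytes. */
point mul_leaky(uint32_t k, point p, char *trace) {
    point r = 0; size_t n = 0;
    for (int i = 31; i >= 0; i--) {
        r = pt_dbl(r); trace[n++] = 'D';
        if ((k >> i) & 1) { r = pt_add(r, p); trace[n++] = 'A'; }
    }
    trace[n] = '\0';
    return r;
}

/* Branch-free select: mask is all-ones when bit == 1, all-zeros otherwise. */
static point ct_select(uint32_t bit, point a, point b) {
    uint32_t mask = (uint32_t)0 - bit;
    return (a & mask) | (b & ~mask);
}

/* Fixed sequence: double and add run on every iteration; the secret bit
   only picks which value is kept, with no branch or secret-indexed load. */
point mul_fixed(uint32_t k, point p, char *trace) {
    point r = 0; size_t n = 0;
    for (int i = 31; i >= 0; i--) {
        r = pt_dbl(r); trace[n++] = 'D';
        point t = pt_add(r, p); trace[n++] = 'A';
        r = ct_select((k >> i) & 1, t, r);
    }
    trace[n] = '\0';
    return r;
}

int main(void) {
    char a[65], b[65]; /* constructed sample scalars below */
    mul_leaky(0x80000001u, 7, a); mul_leaky(0xFFFF0000u, 7, b);
    printf("leaky traces differ: %d\n", strcmp(a, b) != 0);
    mul_fixed(0x80000001u, 7, a); mul_fixed(0xFFFF0000u, 7, b);
    printf("fixed traces differ: %d\n", strcmp(a, b) != 0);
    return 0;
}
```

A compiler is free to turn the mask-based select back into a branch, so real implementations also check the generated machine code.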