{"id":"CVE-2018-12437","details":"LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.","modified":"2026-04-16T06:16:04.077589098Z","published":"2018-06-15T02:29:00.487Z","related":["openSUSE-SU-2024:11003-1"],"references":[{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202007-53"},{"type":"EVIDENCE","url":"https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/libtom/libtomcrypt","events":[{"introduced":"0"},{"last_affected":"e08fd8630f9d9771226466877064055ee7e863d0"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"1.18.1"}]}}],"versions":["0.75","0.76","0.77","0.78","0.79","0.80","0.81","0.82","0.83","0.84","0.85","0.86","0.87","0.88","0.89","0.90","0.91","0.92","0.93","0.94","0.95","0.96","0.97","0.97a","0.97b","0.98","0.99","1.00","1.01","1.02","1.03","1.04","1.05","1.06","1.07","1.08","1.09","1.10","1.11","1.12","1.13","1.14","1.15","1.16","1.17","v1.18.0","v1.18.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-12437.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"3.5.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"}]}