Описание
An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce.
Ссылки
- PatchThird Party Advisory
- Release NotesThird Party Advisory
- PatchThird Party Advisory
- Release NotesThird Party Advisory
Уязвимые конфигурации
EPSS
5.3 Medium
CVSS3
4.3 Medium
CVSS2
Дефекты
Связанные уязвимости
An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce.
An issue was discovered in wolfSSL before 4.3.0 in a non-default confi ...
An issue was discovered in wolfSSL before 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce.
EPSS
5.3 Medium
CVSS3
4.3 Medium
CVSS2