Описание
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | mysql55-mysql | Not affected | ||
| Red Hat Enterprise Linux 6 | mysql | Not affected | ||
| Red Hat Enterprise Linux 7 | mariadb | Not affected | ||
| Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse) | mariadb-galera | Not affected | ||
| Red Hat Enterprise Linux OpenStack Platform 6 (Juno) | mariadb-galera | Not affected | ||
| Red Hat Enterprise Linux OpenStack Platform 7 (Kilo) | mariadb-galera | Not affected | ||
| Red Hat OpenStack Platform 10 (Newton) | mariadb-galera | Not affected | ||
| Red Hat OpenStack Platform 11 (Ocata) | mariadb-galera | Not affected | ||
| Red Hat OpenStack Platform 12 (Pike) | mariadb-galera | Not affected | ||
| Red Hat OpenStack Platform 8 (Liberty) | mariadb-galera | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
5.1 Medium
CVSS3
1.2 Low
CVSS2
Связанные уязвимости
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
The C software implementation of AES Encryption and Decryption in wolf ...
The C software implementation of AES Encryption and Decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences.
EPSS
5.1 Medium
CVSS3
1.2 Low
CVSS2