Описание
An issue was discovered in wolfSSL before 4.5.0, when single precision is not employed. Local attackers can conduct a cache-timing attack against public key operations. These attackers may already have obtained sensitive information if the affected system has been used for private key operations (e.g., signing with a private key).
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 4.5.0+dfsg-2 |
| esm-apps/bionic | needed | |
| esm-apps/focal | needed | |
| esm-apps/jammy | not-affected | 4.5.0+dfsg-2 |
| esm-apps/noble | not-affected | 4.5.0+dfsg-2 |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needed |
| groovy | not-affected | 4.5.0+dfsg-2 |
Показывать по
6.9 Medium
CVSS2
7 High
CVSS3
Связанные уязвимости
An issue was discovered in wolfSSL before 4.5.0, when single precision is not employed. Local attackers can conduct a cache-timing attack against public key operations. These attackers may already have obtained sensitive information if the affected system has been used for private key operations (e.g., signing with a private key).
An issue was discovered in wolfSSL before 4.5.0, when single precision ...
An issue was discovered in wolfSSL before 4.5.0, when single precision is not employed. Local attackers can conduct a cache-timing attack against public key operations. These attackers may already have obtained sensitive information if the affected system has been used for private key operations (e.g., signing with a private key).
6.9 Medium
CVSS2
7 High
CVSS3