CVE-2015-5738

The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS), makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:marvell:software_development_kit:2.0:*:*:*:*:*:*:*
OR cpe:2.3:h:marvell:octeon_ii_cn6000:-:*:*:*:*:*:*:*
cpe:2.3:h:marvell:octeon_ii_cn6010:-:*:*:*:*:*:*:*
cpe:2.3:h:marvell:octeon_ii_cn6020:-:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*
cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*

History

21 Nov 2024, 02:33

Type Values Removed Values Added
References () http://fortiguard.com/advisory/rsa-crt-key-leak-under-certain-conditions - Broken Link () http://fortiguard.com/advisory/rsa-crt-key-leak-under-certain-conditions - Broken Link
References () https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf - Technical Description, Third Party Advisory () https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf - Technical Description, Third Party Advisory
References () https://support.f5.com/kb/en-us/solutions/public/k/91/sol91245485.html - Third Party Advisory () https://support.f5.com/kb/en-us/solutions/public/k/91/sol91245485.html - Third Party Advisory

16 Aug 2023, 14:17

Type Values Removed Values Added
First Time F5 traffix Signaling Delivery Controller
CPE cpe:2.3:a:f5:traffix_sdc:*:*:*:*:*:*:*:* cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*

Information

Published : 2016-07-26 17:59

Updated : 2024-11-21 02:33


NVD link : CVE-2015-5738

Mitre link : CVE-2015-5738

CVE.ORG link : CVE-2015-5738


JSON object : View

Products Affected

marvell

  • octeon_ii_cn6020
  • octeon_ii_cn6000
  • octeon_ii_cn6010
  • software_development_kit

f5

  • traffix_signaling_delivery_controller
CWE
CWE-200

Exposure of Sensitive Information to an Unauthorized Actor