CVE-2022-42961

An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signatures. These signatures can be processed via an advanced technique for ECDSA key recovery. (In 5.5.0 and later, WOLFSSL_CHECK_SIG_FAULTS can be used to address the vulnerability.)

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.0-stable	Release Notes Third Party Advisory
https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.0-stable	Release Notes Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*

History

21 Nov 2024, 07:25

Type	Values Removed	Values Added
References	~~() https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.0-stable - Release Notes, Third Party Advisory~~	() https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.0-stable - Release Notes, Third Party Advisory

Information

Published : 2022-10-15 04:15

Updated : 2024-11-21 07:25

NVD link : CVE-2022-42961

Mitre link : CVE-2022-42961

CVE.ORG link : CVE-2022-42961

JSON object : View

Products Affected

wolfssl

wolfssl

CWE

NVD-CWE-Other

{"id": "CVE-2022-42961", "metrics": {"cvssMetricV31": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}]}, "published": "2022-10-15T04:15:17.703", "references": [{"url": "https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.0-stable", "tags": ["Release Notes", "Third Party Advisory"], "source": "cve@mitre.org"}, {"url": "https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.0-stable", "tags": ["Release Notes", "Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-Other"}]}], "descriptions": [{"lang": "en", "value": "An issue was discovered in wolfSSL before 5.5.0. A fault injection attack on RAM via Rowhammer leads to ECDSA key disclosure. Users performing signing operations with private ECC keys, such as in server-side TLS connections, might leak faulty ECC signatures. These signatures can be processed via an advanced technique for ECDSA key recovery. (In 5.5.0 and later, WOLFSSL_CHECK_SIG_FAULTS can be used to address the vulnerability.)"}, {"lang": "es", "value": "Se ha detectado un problema en wolfSSL versiones anteriores a 5.5.0. Un ataque de inyecci\u00f3n de fallos en la RAM por medio de Rowhammer conlleva a una divulgaci\u00f3n de claves ECDSA. Los usuarios que llevan a cabo operaciones de firma con claves ECC privadas, como en las conexiones TLS del lado del servidor, podr\u00edan filtrar firmas ECC defectuosas. Estas firmas pueden ser procesadas por medio de una t\u00e9cnica avanzada de recuperaci\u00f3n de claves ECDSA. (En la versi\u00f3n 5.5.0 y posteriores, puede usarse WOLFSSL_CHECK_SIG_FAULTS para abordar la vulnerabilidad)"}], "lastModified": "2024-11-21T07:25:41.433", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "429B1D46-A7C6-4510-89E4-88222C933D0B", "versionEndExcluding": "5.5.0"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}