CVE-2024-1543

The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. In a controlled environment such as Intel SGX, an attacker can gain a per instruction sub-cache-line resolution allowing them to break the cache-line-level protection. For details on the attack refer to: https://doi.org/10.46586/tches.v2024.i1.457-500
Configurations

Configuration 1 (hide)

cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*

History

04 Sep 2024, 14:26

Type Values Removed Values Added
CWE CWE-203
References () https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-566-dec-19-2023 - () https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog.md#wolfssl-release-566-dec-19-2023 - Release Notes
Summary
  • (es) La implementación de T-Table protegida por canal lateral en wolfSSL hasta la versión 5.6.5 protege contra un atacante de canal lateral con resolución de línea de caché. En un entorno controlado como Intel SGX, un atacante puede obtener una resolución de línea de subcaché por instrucción que le permita romper la protección a nivel de línea de caché. Para obtener detalles sobre el ataque, consulte: https://doi.org/10.46586/tches.v2024.i1.457-500
CPE cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*
First Time Wolfssl
Wolfssl wolfssl
CVSS v2 : unknown
v3 : 4.1
v2 : unknown
v3 : 5.5

29 Aug 2024, 23:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-08-29 23:15

Updated : 2024-09-04 14:26


NVD link : CVE-2024-1543

Mitre link : CVE-2024-1543

CVE.ORG link : CVE-2024-1543


JSON object : View

Products Affected

wolfssl

  • wolfssl
CWE
CWE-203

Observable Discrepancy

CWE-208

Observable Timing Discrepancy