OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2010-03-05T19:00:00
Updated: 2017-08-16T14:57:01
Reserved: 2010-03-05T00:00:00
Link: CVE-2010-0928
JSON object: View
NVD Information
Status : Modified
Published: 2010-03-05T19:30:00.797
Modified: 2023-11-07T02:05:11.413
Link: CVE-2010-0928
JSON object: View
Redhat Information
No data.
CWE