The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS), makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack.
References
Link | Resource |
---|---|
http://fortiguard.com/advisory/rsa-crt-key-leak-under-certain-conditions | Broken Link |
https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf | Technical Description Third Party Advisory |
https://support.f5.com/kb/en-us/solutions/public/k/91/sol91245485.html | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2016-07-26T17:00:00
Updated: 2016-07-26T17:57:01
Reserved: 2015-08-05T00:00:00
Link: CVE-2015-5738
JSON object: View
NVD Information
Status : Analyzed
Published: 2016-07-26T17:59:00.137
Modified: 2023-08-16T14:17:11.363
Link: CVE-2015-5738
JSON object: View
Redhat Information
No data.
CWE