PT-2024-18127 · Wolfssl+1 · Wolfssl+1

Published

2024-08-29

Updated

2024-09-04

CVE-2024-1543

CVSS v3.1

5.5

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions wolfSSL versions up to 5.6.5

Description The side-channel protected T-Table implementation in wolfSSL protects against a side-channel attacker with cache-line resolution. However, in a controlled environment such as Intel SGX, an attacker can gain a per instruction sub-cache-line resolution, allowing them to break the cache-line-level protection.

Recommendations For wolfSSL versions up to 5.6.5, update to a version later than 5.6.5 to resolve the issue. At the moment, there is no information about other specific mitigation measures for this vulnerability.

Fix

Side Channel Attack

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-203CWE-208

Related Identifiers

CVE-2024-1543

Affected Products

Debian

Wolfssl

PT-2024-18127 · Wolfssl+1 · Wolfssl+1

CVE-2024-1543

Weakness Enumeration

Related Identifiers

Affected Products

References · 11