CVE-2024-5288

Name of the Vulnerable Software and Affected Versions wolfSSL versions prior to 5.7.0

Description An issue was discovered in wolfSSL that leads to ECDSA key disclosure via a safe-error attack using Rowhammer, known as FAULT+PROBE. When WOLFSSL CHECK SIG FAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault occurs. The success rate in a certain amount of connection requests can be processed via an advanced technique for ECDSA key recovery.

Recommendations To resolve the issue, update to wolfSSL version 5.7.0 or later. As a temporary workaround, consider disabling the use of WOLFSSL CHECK SIG FAULTS in signing operations with private ECC keys until a patch is available. Restrict access to server-side TLS connections to minimize the risk of exploitation. Avoid using private ECC keys in signing operations until the issue is resolved.