Cryptographic Issues

CVE-2010-0928

Medium

4/10

Summary

OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."

Access Complexity: HIGH
AccessVector: LOCAL
Authentication: NONE
Integrity Impact: NONE
Confidentiality Impact: COMPLETE
Availability Impact: NONE

CWE-310 - Cryptographic Issues

Cryptographic issues is a category of weaknesses related to the design and implementation of the confidentiality and integrity of data. If not addressed, the weaknesses in this category can lead to data quality degradation.

References

Other
Advisory
Issue
Release Note
Advisory

Advisory Timeline

Published Mar 05, 2010

Cryptographic Issues

CVE-2010-0928

Summary

CWE-310 - Cryptographic Issues

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS