Side-Channel Protection Against Cache-Line Resolution Attacks
CVE-2024-1543

5.5MEDIUM

Key Information:

Vendor: Wolfssl
Status: Wolfssl
Vendor: CVE Published:; 29 August 2024

Summary

The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. In a controlled environment such as Intel SGX, an attacker can gain a per instruction sub-cache-line resolution allowing them to break the cache-line-level protection. For details on the attack refer to: https://doi.org/10.46586/tches.v2024.i1.457-500

Affected Version(s)

wolfSSL 0 <= 5.6.5

References

https://github.com/wolfSSL/wolfssl/blob/master/ChangeLog....

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Aug 29, 2024
Vulnerability Reserved
Feb 15, 2024