Wind River Support Network

HomeDefectsLIN1023-4333
Not to be fixed

LIN1023-4333 : Security Advisory - wolfssl - CVE-2024-1545

Created: Mar 21, 2024    Updated: Mar 25, 2024
Resolved Date: Mar 24, 2024
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Userspace

Description

wolfssl: Fault Injection vulnerability in RsaPrivateDecryption function that potentially allows an attacker that has access to the same system with a victims process to perform a Rowhammer fault injection. Thanks to Junkai Liang, Zhi Zhang, Xin Zhang, Qingni Shen for the report (Peking University, The University of Western Australia)."

https://github.com/wolfSSL/wolfssl/releases

CREATE(Triage):(User=admin) CVE-2024-1545 (https://nvd.nist.gov/vuln/detail/CVE-2024-1545)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube