Not to be fixed
Created: Mar 21, 2024
Updated: Mar 25, 2024
Resolved Date: Mar 24, 2024
Found In Version: 10.23.30.1
Severity: Standard
Applicable for: Wind River Linux LTS 23
Component/s: Userspace
wolfssl: Fault Injection vulnerability in RsaPrivateDecryption function that potentially allows an attacker that has access to the same system with a victims process to perform a Rowhammer fault injection. Thanks to Junkai Liang, Zhi Zhang, Xin Zhang, Qingni Shen for the report (Peking University, The University of Western Australia)."
https://github.com/wolfSSL/wolfssl/releases
CREATE(Triage):(User=admin) CVE-2024-1545 (https://nvd.nist.gov/vuln/detail/CVE-2024-1545)