Wind River Support Network

HomeDefectsLIN8-5332
Acknowledged

LIN8-5332 : Security Advisory - wolfssl - CVE-2016-7438

Created: Dec 15, 2016    Updated: May 29, 2018
Found In Version: 8.0.0.11
Severity: Standard
Applicable for: Wind River Linux 8
Component/s: Userspace

Description

The C software implementation of ECC in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-7438

CVEs

Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube