2 matches found
Fault Injection
Overview Affected versions of this package are vulnerable to Fault Injection through the wced25519signmsg function. An attacker can disclose sensitive information and escalate privileges by exploiting the Rowhammer fault injection technique to manipulate the ed25519key structure. This is only...
PT-2024-22582 · Wolfssl +1 · Wolfssl +1
Name of the Vulnerable Software and Affected Versions: WolfSSL versions 5.6.6 and earlier Description: The issue is related to a Fault Injection vulnerability in the wc ed25519 sign msg function in WolfSSL, which affects the ed25519 key structure. This vulnerability allows a remote attacker...