CVE-2010-0928 (retired)

Priority
Description
OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II
Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain
signature calculations, and does not verify the signature before providing
it to a caller, which makes it easier for physically proximate attackers to
determine the private key via a modified supply voltage for the
microprocessor, related to a "fault-based attack."
Notes
 kees> if someone is glitching your powersupply, you've got other things
 kees> to worry about.
Package
Upstream:ignored
More Information

Updated: 2019-03-26 11:51:00 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)