CVE-2015-5738: Infoleak
First published: Tue Jul 26 2016(Updated: )
The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS), makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Marvell Software Development Kit | =2.0 | |
| Marvell Octeon Ii Cn6000 | ||
| Marvell Octeon Ii Cn6010 | ||
| Marvell Octeon Ii Cn6020 | ||
| F5 Traffix Signaling Delivery Controller | >=3.3.2<=3.5.1 | |
| F5 Traffix Signaling Delivery Controller | >=4.0.0<=4.4.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- agent/author
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- collector/nvd-api
- agent/software-canonical-lookup-request
- collector/nvd-index
- agent/severity
- agent/weakness
- agent/references
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/marvell
- canonical/marvell software development kit
- version/marvell software development kit/2.0
- canonical/marvell octeon ii cn6000
- canonical/marvell octeon ii cn6010
- canonical/marvell octeon ii cn6020
- vendor/f5
- canonical/f5 traffix signaling delivery controller
- version/f5 traffix signaling delivery controller/3.3.2
- version/f5 traffix signaling delivery controller/3.5.1
- version/f5 traffix signaling delivery controller/4.0.0
- version/f5 traffix signaling delivery controller/4.4.0