CVE-2024-1543: AES T-Table sub-cache-line leakage
First published: Thu Aug 29 2024(Updated: )
The side-channel protected T-Table implementation in wolfSSL up to version 5.6.5 protects against a side-channel attacker with cache-line resolution. In a controlled environment such as Intel SGX, an attacker can gain a per instruction sub-cache-line resolution allowing them to break the cache-line-level protection. For details on the attack refer to: https://doi.org/10.46586/tches.v2024.i1.457-500
Credit: facts@wolfssl.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| wolfSSL wolfMQTT | <5.6.6 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of CVE-2024-1543?
CVE-2024-1543 has a high severity rating due to the potential for attackers to exploit side-channel vulnerabilities in the wolfSSL library.
How do I fix CVE-2024-1543?
To fix CVE-2024-1543, upgrade wolfSSL to version 5.6.6 or later to ensure mitigation of the identified vulnerabilities.
Which versions of wolfSSL are affected by CVE-2024-1543?
CVE-2024-1543 affects wolfSSL versions up to and including 5.6.5.
What type of vulnerability is CVE-2024-1543?
CVE-2024-1543 is a side-channel vulnerability that allows attackers to exploit timing information from the T-Table implementation.
Can CVE-2024-1543 be exploited in a cloud environment?
Yes, CVE-2024-1543 can potentially be exploited in a controlled environment such as cloud platforms that utilize Intel SGX.
- agent/title
- agent/references
- agent/description
- agent/first-publish-date
- agent/type
- agent/author
- agent/event
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/last-modified-date
- agent/weakness
- agent/source
- agent/tags
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/softwarecombine
- vendor/wolfssl
- canonical/wolfssl wolfmqtt