CVE-2024-5288: Safe-error attack on TLS 1.3 Protocol
First published: Tue Aug 27 2024(Updated: )
An issue was discovered in wolfSSL before 5.7.0. A safe-error attack via Rowhammer, namely FAULT+PROBE, leads to ECDSA key disclosure. When WOLFSSL_CHECK_SIG_FAULTS is used in signing operations with private ECC keys, such as in server-side TLS connections, the connection is halted if any fault occurs. The success rate in a certain amount of connection requests can be processed via an advanced technique for ECDSA key recovery.
Credit: facts@wolfssl.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| wolfSSL | <5.7.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2024-5288?
CVE-2024-5288 has been evaluated as a high-severity vulnerability due to the potential for ECDSA key disclosure.
How do I fix CVE-2024-5288?
To fix CVE-2024-5288, upgrade wolfSSL to version 5.7.2 or later, which addresses the vulnerability.
What kind of attack is described in CVE-2024-5288?
CVE-2024-5288 describes a safe-error attack via Rowhammer, specifically the FAULT+PROBE technique.
Which versions of wolfSSL are affected by CVE-2024-5288?
wolfSSL versions prior to 5.7.0 are affected by CVE-2024-5288.
How does CVE-2024-5288 affect server-side TLS connections?
CVE-2024-5288 can cause the connection to halt during signing operations with private ECC keys when using WOLFSSL_CHECK_SIG_FAULTS.
- agent/title
- agent/references
- agent/weakness
- agent/type
- agent/description
- agent/first-publish-date
- agent/severity
- agent/author
- agent/event
- collector/nvd-api
- source/NVD
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- agent/source
- agent/softwarecombine
- agent/tags
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/wolfssl
- canonical/wolfssl