Note:
This project will be discontinued after December 13, 2021. [more]
2018-06-15
LibTomCrypt through 1.18.1 allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same physical host.
Products | Libtomcrypt, Op\-Tee |
Type | Information Exposure (CWE-200) |
First patch | - None (likely due to unavailable code) |
Links |
• https://security.gentoo.org/glsa/202007-53
• https://www.nccgroup.trust/us/our-research/technical-advisory-return-of-the-hidden-number-problem/ |