Fault Injection vulnerability in wc_ed25519_sign_msg...
Moderate severity
Unreviewed
Published
Aug 30, 2024
to the GitHub Advisory Database
•
Updated Sep 4, 2024
Description
Published by the National Vulnerability Database
Aug 30, 2024
Published to the GitHub Advisory Database
Aug 30, 2024
Last updated
Sep 4, 2024
Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure.
References