Security Advisory

CVE-2024-2881

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-08-29 23:10:59

Last updated 2024-08-30 14:18:36

Assigner wolfSSL

State PUBLISHED

Description

Fault Injection vulnerability in wc_ed25519_sign_msg function in wolfssl/wolfcrypt/src/ed25519.c in WolfSSL wolfssl5.6.6 on Linux/Windows allows remote attacker co-resides in the same system with a victim process to disclose information and escalate privileges via Rowhammer fault injection to the ed25519_key structure.

← Browse all CVEs View on cve.org ↗