CVE-2010-0928

SOURCE - nist

Summary

OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."

EPSS Score⁠: 0.00066 (0.286)

Common Weakness Enumeration (CWE)

SOURCE - nist

CWE-310⁠

Cryptographic Issues

Sources (5)

Impacted images

debian

CREATED

14 years ago

UPDATED

25 days ago

SOURCE IDCVE-2010-0928⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

Package	Type	OS Name	OS Version	Affected Ranges	Fix Versions
debian/openssl	deb	debian	12	>=3.0.11-1~deb12u2	Not yet available
debian/openssl	deb	debian	10	>=1.1.1n-0+deb10u3	Not yet available
debian/openssl	deb	debian	11	>=1.1.1w-0+deb11u1	Not yet available
debian/openssl	deb	debian	unstable	>=3.2.1-3	Not yet available
debian/openssl	deb	debian	13	>=3.2.1-3	Not yet available

Severity and metrics

No CVSS data available from this source.

nist

CREATED

14 years ago

UPDATED

7 years ago

SOURCE IDCVE-2010-0928⁠

EXPLOITABILITY SCORE

1.9

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)

CWE-310⁠

CVSS SCORE

4medium

ubuntu

CREATED

14 years ago

UPDATED

1 month ago

SOURCE IDCVE-2010-0928⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

redhat

CREATED

14 years ago

UPDATED

10 months ago

SOURCE IDCVE-2010-0928⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

CVSS SCORE

N/Alow

inthewild

CREATED

10 months ago

UPDATED

10 months ago

SOURCE IDCVE-2010-0928⁠

EXPLOITABILITY SCORE

EXPLOITS FOUND

COMMON WEAKNESS ENUMERATION (CWE)-

RATING UNAVAILABLE FROM SOURCE