The RSA-CRT implementation in PolarSSL prior to 1.2.9 does not properly perform Montgomery multiplication, which might allow remote malicious users to conduct a timing side-channel attack and retrieve RSA private keys.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
polarssl polarssl 0.10.0 |
||
polarssl polarssl 0.10.1 |
||
polarssl polarssl 0.14.3 |
||
polarssl polarssl 0.99 |
||
polarssl polarssl 1.1.0 |
||
polarssl polarssl 1.1.1 |
||
polarssl polarssl |
||
polarssl polarssl 1.2.7 |
||
polarssl polarssl 0.12.0 |
||
polarssl polarssl 0.12.1 |
||
polarssl polarssl 0.13.1 |
||
polarssl polarssl 1.0.0 |
||
polarssl polarssl 1.1.4 |
||
polarssl polarssl 1.1.5 |
||
polarssl polarssl 1.2.3 |
||
polarssl polarssl 1.2.2 |
||
polarssl polarssl 0.14.0 |
||
polarssl polarssl 0.14.2 |
||
polarssl polarssl 1.1.6 |
||
polarssl polarssl 1.1.8 |
||
polarssl polarssl 1.2.1 |
||
polarssl polarssl 1.2.0 |
||
polarssl polarssl 0.11.0 |
||
polarssl polarssl 0.11.1 |
||
polarssl polarssl 1.1.2 |
||
polarssl polarssl 1.1.3 |
||
polarssl polarssl 1.2.6 |
||
polarssl polarssl 1.2.5 |
||
polarssl polarssl 1.2.4 |