Description
OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2013-5843 Vulnerability (CVE-2013-5843)
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2021-33324)
MySQL CVE-2018-3283 Vulnerability (CVE-2018-3283)
Apache HTTP Server Server-Side Request Forgery (SSRF) Vulnerability (CVE-2021-40438)
Moodle Improper Input Validation Vulnerability (CVE-2009-1171)