Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

CVE-2010-0928

Published: 5 March 2010

OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width Exponentiation (FWE) algorithm for certain signature calculations, and does not verify the signature before providing it to a caller, which makes it easier for physically proximate attackers to determine the private key via a modified supply voltage for the microprocessor, related to a "fault-based attack."

Notes

AuthorNote
kees 
if someone is glitching your powersupply, you've got other things
to worry about.

Priority

Negligible

Status

Package Release Status
openssl
Launchpad, Ubuntu, Debian 		dapper Ignored

hardy Ignored

intrepid Ignored
(end of life, was needed)
jaunty Ignored

karmic Ignored

lucid Ignored

upstream Ignored

References

Join the discussion

Canonical is offering Expanded Security Maintenance

Canonical is offering Ubuntu Expanded Security Maintenance (ESM) for security fixes and essential packages.

Find out more about ESM ›

Further reading