Libsunec
Monthly
The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. Rated medium severity (CVSS 4.9), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.
The Elliptic Curve Cryptography library (aka sunec or libsunec) allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. Rated medium severity (CVSS 4.9), this vulnerability is no authentication required. Public exploit code available and no vendor patch available.