← Back

CVE-2015-5738

nvd nist
Published: Jul 26, 2016Modified: May 6, 2026

JSON object

Loading...
7.5
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 / Impact: 3.6
Source: NVD

Description

The RSA-CRT implementation in the Cavium Software Development Kit (SDK) 2.x, when used on OCTEON II CN6xxx Hardware on Linux to support TLS with Perfect Forward Secrecy (PFS), makes it easier for remote attackers to obtain private RSA keys by conducting a Lenstra side-channel attack.

Affected (3)

Marvell
1 product
Software Development Kit
F5
1 product
Traffix Signaling Delivery Controller
Configuration A
1 vulnerable · 3 platform
Vulnerable SoftwareAffected Versions
Software Development Kit
Version 2.0
Running on/withPlatform Versions
Marvell
Octeon Ii Cn6000
All versions
Marvell
Octeon Ii Cn6010
All versions
Marvell
Octeon Ii Cn6020
All versions
Configuration B
2 vulnerable
Vulnerable SoftwareAffected Versions
F5
Traffix Signaling Delivery Controller
From 3.3.2 to 3.5.1
Traffix Signaling Delivery Controller
From 4.0.0 to 4.4.0

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (6)

Source: cve@mitre.org
Broken Link
Source: cve@mitre.org
Technical DescriptionThird Party Advisory
Source: cve@mitre.org
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken Link
Source: af854a3a-2127-422b-91ae-364da2661108
Technical DescriptionThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory

Timeline

No history available yet.