CVE-2016-7056

Summary

A timing attack flaw was found in OpenSSL 1.0.1u and before that could allow a malicious user with local access to recover ECDSA P-256 private keys.

Affected Software

VendorProductVersion RangeStatus
The OpenSSL Projectopensslopenssl 1.0.1uaffected

Weaknesses

  • CWE-385: CWE-385

ADP Enrichment

CVE Program Container

Additional References

References