CVE-2024-45191

An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

An issue was discovered in Matrix libolm through 3.2.16. The AES implementation is vulnerable to cache-timing attacks due to use of S-boxes. This is related to software that uses a lookup table for the SubWord step. This refers to the libolm implementation of Olm. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

Se descubrió un problema en Matrix libolm (también conocido como Olm) hasta la versión 3.2.16. La implementación de AES es vulnerable a ataques de sincronización de caché debido al uso de S-boxes. Esto está relacionado con el software que utiliza una tabla de búsqueda para el paso SubWord. NOTA: Esta vulnerabilidad solo afecta a productos que ya no son compatibles con el fabricante.