CVE-2022-25332
SK_LOAD timing side channel during AES module decryption in Texas Instruments OMAP L138
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
The AES implementation in the Texas Instruments OMAP L138 (secure variants), present in mask ROM, suffers from a timing side channel which can be exploited by an adversary with non-secure supervisor privileges by managing cache contents and collecting timing information for different ciphertext inputs. Using this side channel, the SK_LOAD secure kernel routine can be used to recover the Customer Encryption Key (CEK).
La implementación de AES en Texas Instruments OMAP L138 (variantes seguras), presente en la máscara ROM, sufre de un canal lateral de temporización que puede ser explotado por un adversario con privilegios de supervisor no seguros al administrar el contenido de la caché y recopilar información de temporización para diferentes entradas de texto cifrado. Usando este canal lateral, la rutina de kernel segura SK_LOAD se puede usar para recuperar el Customer Encryption Key (CEK).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2022-02-18 CVE Reserved
- 2023-10-19 CVE Published
- 2023-10-20 EPSS Updated
- 2024-08-03 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-203: Observable Discrepancy
- CWE-208: Observable Timing Discrepancy
CAPEC
References (1)
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Ti Search vendor "Ti" | Omap L138 Firmware Search vendor "Ti" for product "Omap L138 Firmware" | - | - |
Affected
| in | Ti Search vendor "Ti" | Omap L138 Search vendor "Ti" for product "Omap L138" | - | - |
Safe
|