I tried looking to see if there was a CVE assigned but there appears to be none.
While my understanding is this is probably not that easy to achieve, I find the statement that OpenSSL considers "hardware side-channel attacks are not in OpenSSL's threat model" to be concerning.
While my understanding is this is probably not that easy to achieve, I find the statement that OpenSSL considers "hardware side-channel attacks are not in OpenSSL's threat model" to be concerning.