I tried looking to see if there was a CVE assigned but there appears to be none.<p>While my understanding is this is probably not that easy to achieve, I find the statement that OpenSSL considers "hardware side-channel attacks are not in OpenSSL's threat model" to be concerning.