Page 5 of 32 results (0.003 seconds)

CVSS: 5.3EPSS: 0%CPEs: 3EXPL: 1

An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular exponentiation, an RSA private key used in a secure enclave could be disclosed. Se ha detectado un problema en Arm Mbed TLS versiones anteriores a 2.23.0. Debido a un canal lateral en la exponenciación modular, una clave privada RSA usada en un enclave seguro podría ser divulgada • https://bugs.gentoo.org/730752 https://github.com/ARMmbed/mbedtls/issues/3394 https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.7 https://github.com/ARMmbed/mbedtls/releases/tag/v2.23.0 https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html • CWE-203: Observable Discrepancy •

CVSS: 4.9EPSS: 0%CPEs: 5EXPL: 0

In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX. En Trusted Firmware Mbed versión TLS versión 2.24.0, una vulnerabilidad de canal lateral en la decodificación de archivos PEM base64, permite a atacantes a nivel de sistema (administrador) obtener información sobre claves RSA secretas por medio de un ataque de canal controlado y de canal lateral en el software ejecutándose entornos aislados que pueden ser de un solo paso, especialmente Intel SGX • https://github.com/ARMmbed/mbedtls/releases https://github.com/UzL-ITS/util-lookup/blob/main/cve-vulnerability-publication.md https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DRRVY7DMTX3ECFNZKDYTSFEG5AI2HBC6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EYJW7HAW3TDV2YMDFYXP3HD6WRQRTLJW • CWE-203: Observable Discrepancy •

CVSS: 5.5EPSS: 0%CPEs: 7EXPL: 0

A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length. Un canal lateral de sincronización Lucky versión 13, en la función mbedtls_ssl_decrypt_buf en el archivo library/ssl_msg.c en Trusted Firmware Mbed TLS versiones hasta 2.23.0, permite a un atacante recuperar información de la clave secreta. Esto afecta al modo CBC debido a una diferencia de tiempo calculada basada en una longitud de relleno • https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OSOFUD6UTGTDDSQRS62BPXDU52I6PUA https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IRPBHCQKZXHVKOP5O5EWE7P76AWGUXQJ https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OD3NM6GD73CTFFRBKG5G2ACXGG7QQHCC https://tls.mbed.org/tech-updates/security-advisories https://tls.mbed.org/tech-updates/security-adv • CWE-203: Observable Discrepancy •

CVSS: 4.7EPSS: 0%CPEs: 5EXPL: 0

An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by exploiting side channels in the conversion to affine coordinates; (2) using an attack described by Naccache, Smart, and Stern in 2003 to recover a few bits of the ephemeral scalar from those projective coordinates via several measurements; and (3) using a lattice attack to get from there to the long-term ECDSA private key used for the signatures. Typically an attacker would have sufficient access when attacking an SGX enclave and controlling the untrusted OS. Se detectó un problema en Arm Mbed TLS versiones anteriores a 2.16.6 y 2.7.x versiones anteriores a 2.7.15. Un atacante que puede obtener mediciones de canal lateral lo suficientemente precisas que puede recuperar la clave privada ECDSA a largo plazo al (1) reconstruir la coordenada proyectiva del resultado de la multiplicación escalar explotando canales laterales en la conversión a coordenadas afines; (2) usar un ataque descrito por Naccache, Smart y Stern en 2003 para recuperar algunos bits del escalar efímero de esas coordenadas proyectivas por medio de varias mediciones; y (3) usar un ataque de red para llegar desde allí a la clave privada ECDSA a largo plazo utilizada para las firmas. • https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/FCWN5HIF4CJ2LZTOMEBJ7Q4IMMV7ZU2V https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZNOS2IIBH5WNJXZUV546PY7666DE7Y3L https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.6-and-2.7.15-released https://tls.mbed.org/tech-updates/security-advisories https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advi • CWE-203: Observable Discrepancy CWE-327: Use of a Broken or Risky Cryptographic Algorithm •

CVSS: 5.9EPSS: 0%CPEs: 5EXPL: 0

Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import. Arm Mbed TLS versiones anteriores a 2.16.5, permite a atacantes obtener información confidencial (una clave privada RSA) al medir el uso de la memoria caché durante una importación. • https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5JPE2HFBDJF3UBT6Q4VWLKNKCVCMX25J https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WD6OSOLLAR2AVPJAMGUKWRXN6477IHHV https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-02 •