Описание
Arm Mbed TLS before 2.6.15 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.
Arm Mbed TLS before 2.6.15 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-10941
- https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5JPE2HFBDJF3UBT6Q4VWLKNKCVCMX25J
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WD6OSOLLAR2AVPJAMGUKWRXN6477IHHV
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/5JPE2HFBDJF3UBT6Q4VWLKNKCVCMX25J
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WD6OSOLLAR2AVPJAMGUKWRXN6477IHHV
- https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-02
Связанные уязвимости
Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.
Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.
Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.
Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive inform ...
Уязвимость реализации протоколов TLS и SSL программного обеспечения Mbed TLS, связанная с непринятием мер по шифрованию защищаемых данных, позволяющая нарушителю раскрыть закрытый ключ RSA