Описание
An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC private key, related to mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbedtls_ecp_mul, and mbedtls_ecp_mul_restartable.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needs-triage |
| devel | not-affected | 2.28.0-1build1 |
| esm-apps/bionic | needed | |
| esm-apps/focal | needed | |
| esm-apps/jammy | not-affected | 2.28.0-1build1 |
| esm-apps/noble | not-affected | 2.28.0-1build1 |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needs-triage |
| groovy | ignored | end of life |
Показывать по
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3
Связанные уязвимости
An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC private key, related to mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbedtls_ecp_mul, and mbedtls_ecp_mul_restartable.
An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC private key, related to mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbedtls_ecp_mul, and mbedtls_ecp_mul_restartable.
An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel ...
An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel allows recovery of an ECC private key, related to mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbedtls_ecp_mul, and mbedtls_ecp_mul_restartable.
Уязвимость функций mbedtls_ecp_check_pub_priv, mbedtls_pk_parse_key, mbedtls_pk_parse_keyfile, mbedtls_ecp_mul, mbedtls_ecp_mul_restartable реализации протоколов TLS и SSL Mbed TLS, позволяющая нарушителю получить доступ к конфиденциальным данным
EPSS
5 Medium
CVSS2
5.3 Medium
CVSS3