Описание
Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | needed | |
| esm-apps/bionic | needed | |
| esm-apps/focal | needed | |
| esm-apps/jammy | needed | |
| esm-apps/noble | needed | |
| esm-apps/xenial | needed | |
| jammy | needed | |
| noble | needed | |
| oracular | ignored | end of life, was needs-triage |
| plucky | needed |
Показывать по
EPSS
7.8 High
CVSS3
Связанные уязвимости
Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.
Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.
Mbed TLS before 3.6.4 has a race condition in AESNI detection if certa ...
Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.
Уязвимость функции mbedtls_aesni_has_support() программного обеспечения Mbed TLS, позволяющая нарушителю оказать воздействие на целостность и конфиденциальность защищаемой информации
EPSS
7.8 High
CVSS3