[ASA-202003-7] mbedtls: private key recovery
Morten Linderud
foxboron at archlinux.org
Thu Mar 12 19:13:17 UTC 2020
Arch Linux Security Advisory ASA-202003-7
=========================================
Severity: High
Date : 2020-03-11
CVE-ID : CVE-2019-18222
Package : mbedtls
Type : private key recovery
Remote : No
Link : https://security.archlinux.org/AVG-1104
Summary
=======
The package mbedtls before version 2.16.5-1 is vulnerable to private
key recovery.
Resolution
==========
Upgrade to 2.16.5-1.
# pacman -Syu "mbedtls>=2.16.5-1"
The problem has been fixed upstream in version 2.16.5.
Workaround
==========
None.
Description
===========
The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto before
3.0.1 and Mbed TLS before 2.20.0, 2.16.4 or 2.7.13 does not reduce the
blinded scalar before computing the inverse, which allows a local
attacker to recover the private key via side-channel attacks.
Impact
======
A local attacker can recover an ECDSA private key via side-channel
attacks.
References
==========
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12
https://security.archlinux.org/CVE-2019-18222
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <https://lists.archlinux.org/pipermail/arch-security/attachments/20200312/667e3d63/attachment.sig>
More information about the arch-security
mailing list