VulnerableCode Package Details - pkg:alpm/archlinux/mbedtls@2.16.5-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-mwtt-kucv-aaah Aliases: CVE-2020-10932	An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by exploiting side channels in the conversion to affine coordinates; (2) using an attack described by Naccache, Smart, and Stern in 2003 to recover a few bits of the ephemeral scalar from those projective coordinates via several measurements; and (3) using a lattice attack to get from there to the long-term ECDSA private key used for the signatures. Typically an attacker would have sufficient access when attacking an SGX enclave and controlling the untrusted OS.	2.16.7-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-mwtt-kucv-aaah
Aliases:
CVE-2020-10932

An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by exploiting side channels in the conversion to affine coordinates; (2) using an attack described by Naccache, Smart, and Stern in 2003 to recover a few bits of the ephemeral scalar from those projective coordinates via several measurements; and (3) using a lattice attack to get from there to the long-term ECDSA private key used for the signatures. Typically an attacker would have sufficient access when attacking an SGX enclave and controlling the untrusted OS.

2.16.7-1
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
VCID-5kj3-xdpr-aaaf	The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.	CVE-2019-18222

Vulnerability

Summary

Aliases

VCID-5kj3-xdpr-aaaf

The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.

CVE-2019-18222

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:49.433654+00:00	Arch Linux Importer	Affected by	VCID-mwtt-kucv-aaah	https://security.archlinux.org/AVG-1141	36.0.0
2025-03-28T07:45:53.219579+00:00	Arch Linux Importer	Fixing	VCID-5kj3-xdpr-aaaf	https://security.archlinux.org/AVG-1104	36.0.0
2024-09-18T02:02:10.318541+00:00	Arch Linux Importer	Affected by	VCID-mwtt-kucv-aaah	https://security.archlinux.org/AVG-1141	34.0.1
2024-09-18T02:00:55.661369+00:00	Arch Linux Importer	Fixing	VCID-5kj3-xdpr-aaaf	https://security.archlinux.org/AVG-1104	34.0.1
2024-01-24T11:41:55.703261+00:00	Arch Linux Importer	Affected by	VCID-mwtt-kucv-aaah	https://security.archlinux.org/AVG-1141	34.0.0rc2
2024-01-24T11:41:55.486357+00:00	Arch Linux Importer	Fixing	VCID-5kj3-xdpr-aaaf	https://security.archlinux.org/AVG-1104	34.0.0rc2
2024-01-03T22:28:12.736534+00:00	Arch Linux Importer	Affected by	VCID-mwtt-kucv-aaah	https://security.archlinux.org/AVG-1141	34.0.0rc1
2024-01-03T22:27:12.649004+00:00	Arch Linux Importer	Fixing	VCID-5kj3-xdpr-aaaf	https://security.archlinux.org/AVG-1104	34.0.0rc1