VulnerableCode Package Details - pkg:alpm/archlinux/mbedtls@2.16.7-1

Search for packages

Vulnerability	Summary	Fixed by
VCID-gcmg-8syc-aaaj Aliases: CVE-2020-16150	A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length.	2.25.0-1 Affected by 1 other vulnerability. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }}

Vulnerability

Summary

Fixed by

VCID-gcmg-8syc-aaaj
Aliases:
CVE-2020-16150

A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length.

2.25.0-1
Affected by 1 other vulnerability.

Vulnerability	Summary	Aliases
VCID-mwtt-kucv-aaah	An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by exploiting side channels in the conversion to affine coordinates; (2) using an attack described by Naccache, Smart, and Stern in 2003 to recover a few bits of the ephemeral scalar from those projective coordinates via several measurements; and (3) using a lattice attack to get from there to the long-term ECDSA private key used for the signatures. Typically an attacker would have sufficient access when attacking an SGX enclave and controlling the untrusted OS.	CVE-2020-10932

Vulnerability

Summary

Aliases

VCID-mwtt-kucv-aaah

An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by exploiting side channels in the conversion to affine coordinates; (2) using an attack described by Naccache, Smart, and Stern in 2003 to recover a few bits of the ephemeral scalar from those projective coordinates via several measurements; and (3) using a lattice attack to get from there to the long-term ECDSA private key used for the signatures. Typically an attacker would have sufficient access when attacking an SGX enclave and controlling the untrusted OS.

CVE-2020-10932

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2025-03-28T07:46:49.438562+00:00	Arch Linux Importer	Fixing	VCID-mwtt-kucv-aaah	https://security.archlinux.org/AVG-1141	36.0.0
2025-03-28T07:45:46.640129+00:00	Arch Linux Importer	Affected by	VCID-gcmg-8syc-aaaj	https://security.archlinux.org/AVG-1386	36.0.0
2024-09-18T02:02:10.323849+00:00	Arch Linux Importer	Fixing	VCID-mwtt-kucv-aaah	https://security.archlinux.org/AVG-1141	34.0.1
2024-09-18T02:00:47.790375+00:00	Arch Linux Importer	Affected by	VCID-gcmg-8syc-aaaj	https://security.archlinux.org/AVG-1386	34.0.1
2024-01-24T11:41:55.708002+00:00	Arch Linux Importer	Fixing	VCID-mwtt-kucv-aaah	https://security.archlinux.org/AVG-1141	34.0.0rc2
2024-01-24T11:41:55.459521+00:00	Arch Linux Importer	Affected by	VCID-gcmg-8syc-aaaj	https://security.archlinux.org/AVG-1386	34.0.0rc2
2024-01-03T22:28:12.741274+00:00	Arch Linux Importer	Fixing	VCID-mwtt-kucv-aaah	https://security.archlinux.org/AVG-1141	34.0.0rc1
2024-01-03T22:27:05.661111+00:00	Arch Linux Importer	Affected by	VCID-gcmg-8syc-aaaj	https://security.archlinux.org/AVG-1386	34.0.0rc1