Vulnerability CVE-2019-16910
Published: 2019-09-26

Description:
Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.)

Type:

CWE-200

 (Information Exposure)

CVSS2 => (AV:N/AC:H/Au:N/C:P/I:N/A:N)

CVSS Base Score
Impact Subscore
Exploitability Subscore
2.6/10
2.9/10
4.9/10
Exploit range
Attack complexity
Authentication
Remote
High
No required
Confidentiality impact
Integrity impact
Availability impact
Partial
None
None
Affected software
Fedoraproject -> Fedora 
ARM -> Mbed tls 

 References:
https://github.com/ARMmbed/mbedtls/commit/298a43a77ec0ed2c19a8c924ddd8571ef3e65dfd
https://github.com/ARMmbed/mbedtls/commit/33f66ba6fd234114aa37f0209dac031bb2870a9b
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CGSKQSGR5SOBRBXDSSPTCDSBB5K3GMPF/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CSFFOROD6IVLADZHNJC2LPDV7FQRP7XB/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PEHHH2DOBXB25CAU3Q6E66X723VAYTB5/
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-10
Copyright 2024, cxsecurity.com

 

Back to Top