Upstream information
Description
Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.)SUSE information
Overall state of this security issue: Does not affect SUSE products
This issue is currently rated as having moderate severity.
| National Vulnerability Database | |
|---|---|
| Base Score | 2.6 |
| Vector | AV:N/AC:H/Au:N/C:P/I:N/A:N |
| Access Vector | Network |
| Access Complexity | High |
| Authentication | None |
| Confidentiality Impact | Partial |
| Integrity Impact | None |
| Availability Impact | None |
| National Vulnerability Database | |
|---|---|
| Base Score | 5.3 |
| Vector | CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N |
| Attack Vector | Network |
| Attack Complexity | High |
| Privileges Required | None |
| User Interaction | Required |
| Scope | Unchanged |
| Confidentiality Impact | High |
| Integrity Impact | None |
| Availability Impact | None |
| CVSSv3 Version | 3.1 |
SUSE Timeline for this CVE
CVE page created: Fri Sep 27 10:57:59 2019CVE page last modified: Tue Jan 30 16:27:18 2024