ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Mbed_tls | Arm | * | 2.1.14 (excluding) |
Mbed_tls | Arm | 2.2.0 (including) | 2.7.5 (excluding) |
Mbed_tls | Arm | 2.8.0 (including) | 2.12.0 (excluding) |