CVE Vulnerabilities

CVE-2020-10941

Published: Mar 24, 2020 | Modified: Feb 24, 2023
CVSS 3.x
5.9
MEDIUM
Source:
NVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu
MEDIUM

Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.

Affected Software

Name Vendor Start Version End Version
Mbed_crypto Arm * 3.1.0 (excluding)
Mbed_tls Arm * 2.16.5 (excluding)
Mbedtls Ubuntu bionic *
Mbedtls Ubuntu eoan *
Mbedtls Ubuntu trusty *
Mbedtls Ubuntu upstream *
Mbedtls Ubuntu xenial *

References