logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2018-0498

Description

ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.


Affected Software


CPE Name Name Version
arm:mbed_tls arm mbed tls 2.12.0
arm:mbed_tls arm mbed tls 2.7.5
arm:mbed_tls arm mbed tls 2.1.14
debian:debian_linux debian debian linux 8.0
debian:debian_linux debian debian linux 9.0

Related