An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can recover a private key (for RSA or static Diffie-Hellman) via a side-channel attack against generation of base blinding/unblinding values.

OS | OS Version | Architecture | Package | Affected Version | Filename |
---|---|---|---|---|---|
Debian | 12 | all | mbedtls | < 2.16.9-0.1 | mbedtls_2.16.9-0.1_all.deb |
Debian | 11 | all | mbedtls | < 2.16.9-0.1 | mbedtls_2.16.9-0.1_all.deb |
Debian | 10 | all | mbedtls | < 2.16.9-0~deb10u1 | mbedtls_2.16.9-0~deb10u1_all.deb |
Debian | 999 | all | mbedtls | < 2.16.9-0.1 | mbedtls_2.16.9-0.1_all.deb |
Debian | 13 | all | mbedtls | < 2.16.9-0.1 | mbedtls_2.16.9-0.1_all.deb |