Manuel Pégourié-Gonnard reports:
When decrypting/authenticating a (D)TLS record in a connection using a CBC ciphersuite without the Encrypt-then-MAC extension (RFC 7366), Mbed TLS used dummy rounds of the compression function associated with the hash used for HMAC in order to hide the length of the padding from remote attackers, as recommended in the original Lucky Thirteen paper.
A local attacker who is able to observe the state of the cache could monitor the presence of mbedtls_md_process() in the cache in order to determine when the actual computation ends and when the dummy rounds start. This is a reliable target as it is always called at least once, in response to a previous attack. The attacker can then continue with one of many well-documented Lucky 13 variants.
{"id": "FREEBSD_PKG_4C69240FF02C11EA838A0011D823EEBD.NASL", "type": "nessus", "bulletinFamily": "scanner", "title": "FreeBSD : Mbed TLS -- Local side channel attack on classical CBC decryption in (D)TLS (4c69240f-f02c-11ea-838a-0011d823eebd)", "description": "Manuel Pegourie-Gonnard reports :\n\nWhen decrypting/authenticating (D)TLS record in a connection using a CBC ciphersuite without the Encrypt-then-Mac extension RFC 7366, Mbed TLS used dummy rounds of the compression function associated with the hash used for HMAC in order to hide the length of the padding to remote attackers, as recommended in the original Lucky Thirteen paper.\n\nA local attacker who is able to observe the state of the cache could monitor the presence of mbedtls_md_process() in the cache in order to determine when the actual computation ends and when the dummy rounds start. This is a reliable target as it's always called at least once, in response to a previous attack. The attacker can then continue with one of many well-documented Lucky 13 variants.", "published": "2020-09-08T00:00:00", "modified": "2020-09-16T00:00:00", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cvss2": {}, "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "href": "https://www.tenable.com/plugins/nessus/140312", "reporter": "This script is Copyright (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.", "references": ["http://www.nessus.org/u?b543877b", "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-16150", "http://www.nessus.org/u?dee90615"], "cvelist": ["CVE-2020-16150"], "immutableFields": [], "lastseen": "2021-08-19T12:13:14", "viewCount": 2, "enchantments": {"dependencies": {"references": [{"type": "archlinux", "idList": ["ASA-202101-7"]}, {"type": "cve", "idList": ["CVE-2020-16150"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-16150"]}, {"type": "fedora", "idList": ["FEDORA:4146E30B789C", "FEDORA:49AF030C0ACD", "FEDORA:B0945304C6B2"]}, {"type": "freebsd", "idList": ["4C69240F-F02C-11EA-838A-0011D823EEBD"]}, {"type": "mageia", "idList": ["MGASA-2020-0370"]}, {"type": "nessus", "idList": ["FEDORA_2020-48A1AE610C.NASL", "FEDORA_2020-8B0D59BAC6.NASL"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-16150"]}, {"type": "veracode", "idList": ["VERACODE:27513"]}]}, "score": {"value": -0.4, "vector": "NONE"}, "backreferences": {"references": [{"type": "archlinux", "idList": ["ASA-202101-7"]}, {"type": "cve", "idList": ["CVE-2020-16150"]}, {"type": "debiancve", "idList": ["DEBIANCVE:CVE-2020-16150"]}, {"type": "fedora", "idList": ["FEDORA:4146E30B789C", "FEDORA:49AF030C0ACD", "FEDORA:B0945304C6B2"]}, {"type": "freebsd", "idList": ["4C69240F-F02C-11EA-838A-0011D823EEBD"]}, {"type": "nessus", "idList": ["FEDORA_2020-48A1AE610C.NASL"]}, {"type": "ubuntucve", "idList": ["UB:CVE-2020-16150"]}]}, "exploitation": null, "vulnersScore": -0.4}, "pluginID": "140312", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from the FreeBSD VuXML database :\n#\n# Copyright 2003-2020 Jacques Vidrine and contributors\n#\n# Redistribution and use in source (VuXML) and 'compiled' forms (SGML,\n# HTML, PDF, PostScript, RTF and so forth) with or without modification,\n# are permitted provided that the following conditions are met:\n# 1. 
Redistributions of source code (VuXML) must retain the above\n# copyright notice, this list of conditions and the following\n# disclaimer as the first lines of this file unmodified.\n# 2. Redistributions in compiled form (transformed to other DTDs,\n# published online in any format, converted to PDF, PostScript,\n# RTF and other formats) must reproduce the above copyright\n# notice, this list of conditions and the following disclaimer\n# in the documentation and/or other materials provided with the\n# distribution.\n# \n# THIS DOCUMENTATION IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS \"AS IS\"\n# AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,\n# THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR\n# PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS\n# BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY,\n# OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT\n# OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR\n# BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY,\n# WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE\n# OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS DOCUMENTATION,\n# EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140312);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/16\");\n\n script_cve_id(\"CVE-2020-16150\");\n\n script_name(english:\"FreeBSD : Mbed TLS -- Local side channel attack on classical CBC decryption in (D)TLS (4c69240f-f02c-11ea-838a-0011d823eebd)\");\n script_summary(english:\"Checks for updated package in pkg_info output\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote FreeBSD host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Manuel Pegourie-Gonnard reports 
:\n\nWhen decrypting/authenticating (D)TLS record in a connection using a\nCBC ciphersuite without the Encrypt-then-Mac extension RFC 7366, Mbed\nTLS used dummy rounds of the compression function associated with the\nhash used for HMAC in order to hide the length of the padding to\nremote attackers, as recommended in the original Lucky Thirteen paper.\n\nA local attacker who is able to observe the state of the cache could\nmonitor the presence of mbedtls_md_process() in the cache in order to\ndetermine when the actual computation ends and when the dummy rounds\nstart. This is a reliable target as it's always called at least once,\nin response to a previous attack. The attacker can then continue with\none of many well-documented Lucky 13 variants.\"\n );\n # https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b543877b\"\n );\n # https://vuxml.freebsd.org/freebsd/4c69240f-f02c-11ea-838a-0011d823eebd.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?dee90615\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:freebsd:freebsd:mbedtls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:freebsd:freebsd\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/01\");\n script_set_attribute(attribute:\"patch_publication_date\", 
value:\"2020/09/06\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"FreeBSD Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/FreeBSD/release\", \"Host/FreeBSD/pkg_info\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"freebsd_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/FreeBSD/release\")) audit(AUDIT_OS_NOT, \"FreeBSD\");\nif (!get_kb_item(\"Host/FreeBSD/pkg_info\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\n\nif (pkg_test(save_report:TRUE, pkg:\"mbedtls<2.16.8\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_note(port:0, extra:pkg_report_get());\n else security_note(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "naslFamily": "FreeBSD Local Security Checks", "cpe": ["p-cpe:/a:freebsd:freebsd:mbedtls", "cpe:/o:freebsd:freebsd"], "solution": "Update the affected package.", "nessusSeverity": "Low", "cvssScoreSource": "", "vpr": {"risk factor": "Low", "score": "3.6"}, "exploitAvailable": false, "exploitEase": "No known exploits are available", "patchPublicationDate": "2020-09-06T00:00:00", "vulnerabilityPublicationDate": "2020-09-01T00:00:00", "exploitableWith": [], "_state": {"dependencies": 1660012827, "score": 1659984668}, "_internal": {"score_hash": "3c143ed6b5c89a837830ad0b50af60b6"}}
{"nessus": [{"lastseen": "2021-08-19T12:12:46", "description": "- Update to 2.16.8\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-09-17T00:00:00", "type": "nessus", "title": "Fedora 31 : mbedtls (2020-48a1ae610c)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16150"], "modified": "2020-09-21T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mbedtls", "cpe:/o:fedoraproject:fedora:31"], "id": "FEDORA_2020-48A1AE610C.NASL", "href": "https://www.tenable.com/plugins/nessus/140621", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-48a1ae610c.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140621);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/21\");\n\n script_cve_id(\"CVE-2020-16150\");\n script_xref(name:\"FEDORA\", value:\"2020-48a1ae610c\");\n\n script_name(english:\"Fedora 31 : mbedtls (2020-48a1ae610c)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\" - Update to 2.16.8\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n 
value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-48a1ae610c\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected mbedtls package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mbedtls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:31\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. 
or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^31([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 31\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC31\", reference:\"mbedtls-2.16.8-1.fc31\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mbedtls\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-08-19T12:12:38", "description": "- Update to 2.16.8\n\nNote that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as possible without introducing additional issues.", "cvss3": {"score": 5.5, "vector": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N"}, "published": "2020-09-24T00:00:00", 
"type": "nessus", "title": "Fedora 32 : mbedtls (2020-8b0d59bac6)", "bulletinFamily": "scanner", "cvss2": {}, "cvelist": ["CVE-2020-16150"], "modified": "2020-09-28T00:00:00", "cpe": ["p-cpe:/a:fedoraproject:fedora:mbedtls", "cpe:/o:fedoraproject:fedora:32"], "id": "FEDORA_2020-8B0D59BAC6.NASL", "href": "https://www.tenable.com/plugins/nessus/140762", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2020-8b0d59bac6.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(140762);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/09/28\");\n\n script_cve_id(\"CVE-2020-16150\");\n script_xref(name:\"FEDORA\", value:\"2020-8b0d59bac6\");\n\n script_name(english:\"Fedora 32 : mbedtls (2020-8b0d59bac6)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\" - Update to 2.16.8\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2020-8b0d59bac6\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\"Update the affected mbedtls package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:N/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n 
script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:mbedtls\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:32\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/09/02\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/24\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! 
preg(pattern:\"^32([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 32\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC32\", reference:\"mbedtls-2.16.8-1.fc32\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_NOTE,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"mbedtls\");\n}\n", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "archlinux": [{"lastseen": "2021-07-28T14:33:56", "description": "Arch Linux Security Advisory ASA-202101-7\n=========================================\n\nSeverity: High\nDate : 2021-01-08\nCVE-ID : CVE-2020-16150\nPackage : mbedtls\nType : private key recovery\nRemote : No\nLink : https://security.archlinux.org/AVG-1386\n\nSummary\n=======\n\nThe package mbedtls before version 2.25.0-1 is vulnerable to private\nkey recovery.\n\nResolution\n==========\n\nUpgrade to 2.25.0-1.\n\n# pacman -Syu \"mbedtls>=2.25.0-1\"\n\nThe problem has been fixed upstream in version 2.25.0.\n\nWorkaround\n==========\n\nNone.\n\nDescription\n===========\n\nA Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in\nlibrary/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an\nattacker to recover secret key information. This affects CBC mode\nbecause of a computed time difference based on a padding length. 
The\nissue is fixed in Mbed TLS 2.24.0, 2.16.8 and 2.7.17.\n\nImpact\n======\n\nAn attacker might be able to recover secret key information via a side-\nchannel.\n\nReferences\n==========\n\nhttps://bugs.archlinux.org/task/69128\nhttps://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1\nhttps://security.archlinux.org/CVE-2020-16150", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2021-01-08T00:00:00", "type": "archlinux", "title": "[ASA-202101-7] mbedtls: private key recovery", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16150"], "modified": "2021-01-08T00:00:00", "id": "ASA-202101-7", "href": "https://security.archlinux.org/ASA-202101-7", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "veracode": [{"lastseen": "2022-07-26T16:58:36", "description": "mbedtls is vulnerable to information disclosure. 
A Lucky 13 timing side channel in `mbedtls_ssl_decrypt_buf` in `library/ssl_msg.c` allows an attacker to recover secret key information.\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-10-02T06:09:39", "type": "veracode", "title": "Information Disclosure", "bulletinFamily": "software", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16150"], "modified": "2020-10-05T03:51:23", "id": "VERACODE:27513", "href": "https://sca.analysiscenter.veracode.com/vulnerability-database/security/1/1/sid-27513/summary", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "mageia": [{"lastseen": "2022-04-18T11:19:34", "description": "mbedtls 2.16.8 fixes three security vulnerabilities which could affect earlier releases: Local side channel attack on classical CBC decryption in (D)TLS (CVE-2020-16150). Local side channel attack on RSA and static Diffie-Hellman. Protocol weakness in DHE-PSK key exchange. 
\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-09-27T20:06:37", "type": "mageia", "title": "Updated mbedtls packages fix security vulnerabilities\n", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16150"], "modified": "2020-09-27T20:06:37", "id": "MGASA-2020-0370", "href": "https://advisories.mageia.org/MGASA-2020-0370.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "freebsd": [{"lastseen": "2022-01-19T15:51:30", "description": "\n\nManuel P\u00e9gouri\u00e9-Gonnard reports:\n\nWhen decrypting/authenticating (D)TLS record in a connection using\n\t a CBC ciphersuite without the Encrypt-then-Mac extension RFC 7366,\n\t Mbed TLS used dummy rounds of the compression function associated\n\t with the hash used for HMAC in order to hide the length of the\n\t padding to remote attackers, as recommended in the original Lucky\n\t Thirteen paper.\nA local attacker who is able to observe the state of the cache\n\t could monitor the presence of mbedtls_md_process() in the cache in\n\t order to determine when the actual computation ends and when the\n\t dummy rounds start. 
This is a reliable target as it's always called\n\t at least once, in response to a previous attack. The attacker can\n\t then continue with one of many well-documented Lucky 13\n\t variants.\n\n\n", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-09-01T00:00:00", "type": "freebsd", "title": "Mbed TLS -- Local side channel attack on classical CBC decryption in (D)TLS", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16150"], "modified": "2020-09-01T00:00:00", "id": "4C69240F-F02C-11EA-838A-0011D823EEBD", "href": "https://vuxml.freebsd.org/freebsd/4c69240f-f02c-11ea-838a-0011d823eebd.html", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "ubuntucve": [{"lastseen": "2022-08-04T13:26:45", "description": "A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in\nlibrary/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an\nattacker to recover secret key information. 
This affects CBC mode because\nof a computed time difference based on a padding length.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-09-02T00:00:00", "type": "ubuntucve", "title": "CVE-2020-16150", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16150"], "modified": "2020-09-02T00:00:00", "id": "UB:CVE-2020-16150", "href": "https://ubuntu.com/security/CVE-2020-16150", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "cve": [{"lastseen": "2022-03-23T14:09:50", "description": "A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. 
This affects CBC mode because of a computed time difference based on a padding length.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-09-02T16:15:00", "type": "cve", "title": "CVE-2020-16150", "cwe": ["CWE-203"], "bulletinFamily": "NVD", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16150"], "modified": "2020-11-05T17:47:00", "cpe": [], "id": "CVE-2020-16150", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-16150", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}, "cpe23": []}], "fedora": [{"lastseen": "2021-07-28T14:46:51", "description": "Mbed TLS is a light-weight open source cryptographic and SSL/TLS library written in C. Mbed TLS makes it easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) applications with as little hassle as possible. 
FOSS License Exception: https://tls.mbed.org/foss-license-exception ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-09-16T14:40:28", "type": "fedora", "title": "[SECURITY] Fedora 31 Update: mbedtls-2.16.8-1.fc31", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16150"], "modified": "2020-09-16T14:40:28", "id": "FEDORA:4146E30B789C", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/5OSOFUD6UTGTDDSQRS62BPXDU52I6PUA/", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Mbed TLS is a light-weight open source cryptographic and SSL/TLS library written in C. Mbed TLS makes it easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) applications with as little hassle as possible. 
FOSS License Exception: https://tls.mbed.org/foss-license-exception ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-09-23T17:13:06", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: mbedtls-2.16.8-1.fc32", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16150"], "modified": "2020-09-23T17:13:06", "id": "FEDORA:B0945304C6B2", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/IRPBHCQKZXHVKOP5O5EWE7P76AWGUXQJ/", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}, {"lastseen": "2021-07-28T14:46:51", "description": "Mbed TLS is a light-weight open source cryptographic and SSL/TLS library written in C. Mbed TLS makes it easy for developers to include cryptographic and SSL/TLS capabilities in their (embedded) applications with as little hassle as possible. 
FOSS License Exception: https://tls.mbed.org/foss-license-exception ", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 5.5, "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2020-09-25T17:17:14", "type": "fedora", "title": "[SECURITY] Fedora 33 Update: mbedtls-2.16.8-1.fc33", "bulletinFamily": "unix", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16150"], "modified": "2020-09-25T17:17:14", "id": "FEDORA:49AF030C0ACD", "href": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/thread/OD3NM6GD73CTFFRBKG5G2ACXGG7QQHCC/", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}], "debiancve": [{"lastseen": "2022-07-15T06:00:42", "description": "A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. 
This affects CBC mode because of a computed time difference based on a padding length.", "cvss3": {"exploitabilityScore": 1.8, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "LOCAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "baseScore": 5.5, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1", "userInteraction": "NONE"}, "impactScore": 3.6}, "published": "2020-09-02T16:15:00", "type": "debiancve", "title": "CVE-2020-16150", "bulletinFamily": "info", "cvss2": {"severity": "LOW", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "PARTIAL", "availabilityImpact": "NONE", "integrityImpact": "NONE", "baseScore": 2.1, "vectorString": "AV:L/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "impactScore": 2.9, "acInsufInfo": false, "obtainUserPrivilege": false}, "cvelist": ["CVE-2020-16150"], "modified": "2020-09-02T16:15:00", "id": "DEBIANCVE:CVE-2020-16150", "href": "https://security-tracker.debian.org/tracker/CVE-2020-16150", "cvss": {"score": 2.1, "vector": "AV:L/AC:L/Au:N/C:P/I:N/A:N"}}]}
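The two mitigation shapes behind this record, traced at the compression-function level, as an added example (this is not Mbed TLS code and not the reporter's). `ToyMD` is a toy Merkle-Damgard hash whose compression function is SHA-256(state || block); it exists only so the number and kind of compression calls is visible. Its `update` method stands in for the normal data path (mbedtls_md_update) and `process` for the raw per-block entry point (mbedtls_md_process) that the pre-fix code used for the dummy rounds. `mac_dummy_rounds` is that pre-fix shape; `mac_constant_flow` is a simplified re-implementation of the idea the fixed releases moved to (finalise every candidate length on a cloned context and select the wanted digest with a mask), not the library's own routine. The key, record bytes, and the `trace` / `observed_switch_point` instrumentation are constructed for the example.

```python
import hashlib

BLOCK = 64
trace = []  # one entry per compression call: "update", "finish" or "process"


def compress(state, block, via):
    trace.append(via)
    return hashlib.sha256(state + block).digest()


class ToyMD:
    """Toy Merkle-Damgard hash (constructed for this example, not a real design)."""

    def __init__(self):
        self.state, self.buf, self.total = b"\x00" * 32, b"", 0

    def clone(self):
        c = ToyMD()
        c.state, c.buf, c.total = self.state, self.buf, self.total
        return c

    def update(self, data):                    # normal data path (cf. mbedtls_md_update)
        self.buf += data
        self.total += len(data)
        while len(self.buf) >= BLOCK:
            self.state = compress(self.state, self.buf[:BLOCK], "update")
            self.buf = self.buf[BLOCK:]

    def process(self, block):                  # raw entry point (cf. mbedtls_md_process)
        self.state = compress(self.state, block, "process")

    def finish(self):                          # MD padding: 0x80, zeros, 64-bit bit length
        msg = self.buf + b"\x80"
        msg += b"\x00" * ((-len(msg) - 8) % BLOCK) + (self.total * 8).to_bytes(8, "big")
        st = self.state
        for i in range(0, len(msg), BLOCK):
            st = compress(st, msg[i:i + BLOCK], "finish")
        return st


def _pads(key):
    key = key.ljust(BLOCK, b"\x00")
    return bytes(k ^ 0x36 for k in key), bytes(k ^ 0x5C for k in key)


def hmac_toy(key, data):
    """Plain HMAC over the toy hash; the reference both variants must agree with."""
    ipad, opad = _pads(key)
    inner = ToyMD(); inner.update(ipad); inner.update(data)
    outer = ToyMD(); outer.update(opad); outer.update(inner.finish())
    return outer.finish()


def inner_blocks(n):
    """Compression calls the inner hash makes for n data bytes (key block + data + >=9 pad)."""
    return (BLOCK + n + 9 + BLOCK - 1) // BLOCK


def mac_dummy_rounds(key, plaintext, data_len, max_len):
    """Pre-fix shape: real HMAC over data_len bytes, then dummy rounds through the raw
    entry point so the total call count matches max_len. The total is constant, but the
    switch from the update path to process() marks where the real work ended."""
    mac = hmac_toy(key, plaintext[:data_len])
    scratch = ToyMD()                          # state is discarded; only the calls matter
    for _ in range(inner_blocks(max_len) - inner_blocks(data_len)):
        scratch.process(b"\x00" * BLOCK)
    return mac


def eq_mask(a, b):
    """0xFF if a == b else 0x00 without branching on the secret (shape only: Python
    integers are not constant-time primitives)."""
    return (((a ^ b) - 1) >> 63) & 0xFF


def mac_constant_flow(key, plaintext, data_len, min_len, max_len):
    """data_len is secret; only min_len <= data_len <= max_len is public. Every candidate
    length is finalised on a cloned context and the wanted digest is mask-selected, so
    the call sequence depends only on min_len and max_len."""
    ipad, opad = _pads(key)
    inner = ToyMD(); inner.update(ipad); inner.update(plaintext[:min_len])
    out = bytes(32)
    for length in range(min_len, max_len + 1):
        digest = inner.clone().finish()
        m = eq_mask(length, data_len)
        out = bytes((o & (m ^ 0xFF)) | (d & m) for o, d in zip(out, digest))
        if length < max_len:
            inner.update(plaintext[length:length + 1])
    outer = ToyMD(); outer.update(opad); outer.update(out)
    return outer.finish()


def run_traced(fn, *args):
    trace.clear()
    mac = fn(*args)
    return mac, list(trace)


def observed_switch_point(tr):
    """What an observer of the dummy-round entry point learns: index of the first
    process() call, i.e. where the real HMAC ended. None if it was never called."""
    return tr.index("process") if "process" in tr else None


# Constructed sample: the record length is public, so max_len = 250 and, TLS padding
# being at most 256 bytes, min_len = 0; data_len (hence the padding length) is secret.
KEY = b"\x0b" * 20
PT = bytes(i % 251 for i in range(250))

if __name__ == "__main__":
    for dl in (240, 100):
        _, t = run_traced(mac_dummy_rounds, KEY, PT, dl, 250)
        print("dummy rounds  data_len=%d calls=%d switch=%s" % (dl, len(t), observed_switch_point(t)))
        _, t = run_traced(mac_constant_flow, KEY, PT, dl, 0, 250)
        print("constant flow data_len=%d calls=%d switch=%s" % (dl, len(t), observed_switch_point(t)))
```

Running it shows the point of the record: for data lengths 240 and 100 the dummy-round variant makes the same number of compression calls (8 in both cases), yet the first call through `process()` lands at index 7 versus 5, which is exactly the padding-dependent switch point a cache-side observer of that function learns. The constant-flow variant produces an identical trace for both lengths and never touches the raw entry point, while still returning the correct HMAC. Two caveats for practice: a C implementation also needs the per-byte update and the masked copy to be free of secret-dependent branches and memory accesses (the Python here only mirrors the control-flow shape), and the cheaper fix where it is available is to stop doing MAC-then-pad at all, by negotiating Encrypt-then-MAC (RFC 7366) or preferring AEAD ciphersuites, on top of upgrading to the 2.16.8 builds the Fedora entries above ship or a later release.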