Lucene search
K

8 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 10:19 a.m.7 views

CVE-2019-18222

The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks...

4.7CVSS6.5AI score0.00343EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/08/07 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2019-18222

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse...

4.7CVSS6AI score0.00343EPSS
Exploits0References2
Debian
Debian
added 2022/12/25 11:33 p.m.154 views

[SECURITY] [DLA 3249-1] mbedtls security update

Debian LTS Advisory DLA-3249-1 [email protected] https://www.debian.org/lts/security/ Markus Koschany December 26, 2022 https://wiki.debian.org/LTS Package : mbedtls Version : 2.16.9-0deb10u1 CVE ID : CVE-2019-16910 CVE-2019-18222 CVE-2020-10932 CVE-2020-10941 CVE-2020-16150...

9.8CVSS6.5AI score0.02569EPSS
Exploits6
ArchLinux
ArchLinux
added 2020/03/11 12:0 a.m.36 views

[ASA-202003-7] mbedtls: private key recovery

Arch Linux Security Advisory ASA-202003-7 ========================================= Severity: High Date : 2020-03-11 CVE-ID : CVE-2019-18222 Package : mbedtls Type : private key recovery Remote : No Link : https://security.archlinux.org/AVG-1104 Summary ======= The package mbedtls before version...

4.7CVSS1.9AI score0.00343EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/02/25 12:0 a.m.44 views

FreeBSD : Mbed TLS -- Side channel attack on ECDSA (b70b880f-5727-11ea-a2f3-001cc0382b2f)

Janos Follath reports : Our bignum implementation is not constant time/constant trace, so side channel attacks can retrieve the blinded value, factor it as it is smaller than RSA keys and not guaranteed to have only large prime factors, and then, by brute force, recover the key. C Tenable Network...

4.7CVSS5.5AI score0.00343EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/02/19 12:0 a.m.41 views

Fedora 30 : mbedtls (2020-8d3ea0fe8d)

Update to 2.16.4 - CVE-2019-18222 Release notes: https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.4-and-2.7.13-r eleased Security Advisory: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security -advisory-2019-12 Note that Tenable Network Security has extracted the...

4.7CVSS5.5AI score0.00343EPSS
Exploits0References3
Cvelist
Cvelist
added 2020/01/23 12:0 a.m.37 views

CVE-2019-18222

The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks...

4.7AI score0.00343EPSS
Exploits0References5
CVE
CVE
added 2020/01/23 12:0 a.m.137 views

CVE-2019-18222

CVE-2019-18222 affects Arm Mbed Crypto 2.1 and Mbed TLS up to 2.19.1: the ECDSA implementation in ecdsa.c does not reduce the blinded scalar before the inverse, enabling local side-channel attacks to recover the private key. Several advisories report upstream fixes (e.g., 2.20.0, 3.0.1) and packa...

4.7CVSS4.6AI score0.00343EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder