2 matches found
Astra Linux – Vulnerability in mbedtls
In Arm Mbed TLS before version 2.19.0, and Arm Mbed Crypto before version 2.0.0, when deterministic ECDSA is enabled, an RNG with insufficient entropy is used for blinding. This may allow an attacker to recover a private key through side-channel attacks if a victim signs the same message multiple...
PT-2019-14862
Name of the Vulnerable Software and Affected Versions Arm Mbed TLS versions prior to 2.19.0 Arm Mbed Crypto versions prior to 2.0.0 Description The issue arises when deterministic ECDSA is enabled, and an RNG with insufficient entropy for blinding is used. This might allow an attacker to recover ...