
CVE-2021-24119

Description

In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.

#### Notes

Author | Note
---|---
[seth-arnold](<https://launchpad.net/~seth-arnold>) | It looks like an entire new class of side-channel-free functions was introduced in newer versions of mbedtls; backporting all of them probably doesn't make sense; this fix only makes sense in context of trying to provide constant-time execution that limits side-channel bandwidth to adversaries on the same machine.


Affected Package


OS | OS Version | Package Name | Package Version
---|---|---|---
ubuntu | 20.04 | mbedtls | any
ubuntu | 22.04 | mbedtls | any
ubuntu | upstream | mbedtls | any
ubuntu | upstream | mbedtls | any
ubuntu | 16.04 | mbedtls | any
ubuntu | upstream | polarssl | any
