CVE-2020-10932

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2020-10932
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10932.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2020-10932
Downstream
Related
Published
2020-04-15T14:15:20.123Z
Modified
2026-04-16T00:08:11.951881158Z
Severity
  • 4.7 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before 2.7.15. An attacker that can get precise enough side-channel measurements can recover the long-term ECDSA private key by (1) reconstructing the projective coordinate of the result of scalar multiplication by exploiting side channels in the conversion to affine coordinates; (2) using an attack described by Naccache, Smart, and Stern in 2003 to recover a few bits of the ephemeral scalar from those projective coordinates via several measurements; and (3) using a lattice attack to get from there to the long-term ECDSA private key used for the signatures. Typically an attacker would have sufficient access when attacking an SGX enclave and controlling the untrusted OS.

Database specific 
{
    "unresolved_ranges": [
        {
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "10.0"
                }
            ],
            "cpe": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"
        },
        {
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "31"
                }
            ],
            "cpe": "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*"
        },
        {
            "source": "CPE_FIELD",
            "extracted_events": [
                {
                    "last_affected": "32"
                }
            ],
            "cpe": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*"
        }
    ]
}
References

Affected packages

Git / github.com/Mbed-TLS/mbedtls

Affected ranges

Type
GIT
Repo
https://github.com/Mbed-TLS/mbedtls
Events
Introduced
32605dc83042d737e715a685e53176388d73540e
Fixed
21522a49aa0d1e8b76e9b4d5d289f95cd85f2782
Introduced
fb1972db23da39bd11d4f9c9ea6266eee665605b
Fixed
2a1d9332d55d1270084232e42df08fdb08129f1b
Database specific 
{
    "source": "CPE_FIELD",
    "extracted_events": [
        {
            "introduced": "2.7.0"
        },
        {
            "fixed": "2.7.15"
        },
        {
            "introduced": "2.16.0"
        },
        {
            "fixed": "2.16.6"
        }
    ],
    "cpe": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*"
}

Affected versions

mbedtls-2.*
mbedtls-2.16.0
mbedtls-2.16.2
mbedtls-2.16.3
mbedtls-2.16.4
mbedtls-2.16.5
mbedtls-2.7.0
mbedtls-2.7.1
mbedtls-2.7.11
mbedtls-2.7.12
mbedtls-2.7.13
mbedtls-2.7.14
mbedtls-2.7.2
mbedtls-2.7.2-rc1
mbedtls-2.7.3
mbedtls-2.7.4
mbedtls-2.7.5
mbedtls-2.7.6
mbedtls-2.7.7
mbedtls-2.7.8
mbedtls-2.7.9

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-10932.json"