MGASA-2020-0053
- Source
- https://advisories.mageia.org/MGASA-2020-0053.html
- Import Source
- https://advisories.mageia.org/MGASA-2020-0053.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/MGASA-2020-0053
- Related
- Published
- 2020-01-28T07:52:40Z
- Modified
- 2020-01-28T07:28:12Z
- Summary
- Updated mbedtls packages fix security vulnerabilities
- Details
-
This update from mbedTLS 2.16.2 to mbedTLS 2.16.4 fixes several security vulnerabilities, among which:
The deterministic ECDSA calculation reused the scheme's HMAC-DRBG to implement blinding. Because of this for the same key and message the same blinding value was generated. This reduced the effectiveness of the countermeasure and leaked information about the private key through side channels (CVE-2019-16910).
Fix side channel vulnerability in ECDSA. Our bignum implementation is not constant time/constant trace, so side channel attacks can retrieve the blinded value, factor it (as it is smaller than RSA keys and not guaranteed to have only large prime factors), and then, by brute force, recover the key (CVE-2019-18222).
See release notes for details.
- References
-
- https://advisories.mageia.org/MGASA-2020-0053.html
- https://bugs.mageia.org/show_bug.cgi?id=25952
- https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.3-and-2.7.12-released
- https://tls.mbed.org/tech-updates/releases/mbedtls-2.16.4-and-2.7.13-released
- https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-10
- https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12
- Credits
-
-
- Mageia - COORDINATOR
-