Your submission was sent successfully! Close

CVE-2020-10941

Published: 24 March 2020

Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive information (an RSA private key) by measuring cache usage during an import.

Priority

Medium

CVSS 3 base score: 5.9

Status

Package Release Status
mbedtls
Launchpad, Ubuntu, Debian
bionic Needs triage

eoan Ignored
(reached end-of-life)
focal Needs triage

groovy Not vulnerable
(2.16.5-1ubuntu1)
hirsute Not vulnerable
(2.16.5-1ubuntu1)
impish Not vulnerable
(2.16.5-1ubuntu1)
jammy Not vulnerable
(2.16.5-1ubuntu1)
precise Does not exist

trusty Does not exist

upstream
Released (2.16.5-1)
xenial Ignored
(end of standard support, was needs-triage)