
CVE-2021-24119

Published: 14 July 2021

In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX.
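The description above covers the mechanism only in outline. The added example below (written for this page, not code from Mbed TLS) shows the two forms side by side: a table-driven base64 digit decoder, where the byte being decoded selects the memory address that is read, and a constant-time decoder that evaluates every range test with mask arithmetic so that neither a branch nor a load depends on the value. An attacker who can single-step an SGX enclave and observe page faults or cache state learns which table entry the leaky form touched, and so which character class each key byte fell into. All function names and the sample base64 body are this example's own.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* LEAKY FORM (illustrative only). The secret byte c picks the table slot,
 * so the address read depends on the secret; page-fault and cache probes
 * on a single-stepped enclave recover the character class of each byte. */
static int leaky_dec_value(unsigned char c)
{
    static const char alphabet[] =
        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+/";
    static int8_t table[256];
    static int initialized = 0;
    if (!initialized) {
        memset(table, -1, sizeof table);
        for (int i = 0; i < 64; i++)
            table[(unsigned char)alphabet[i]] = (int8_t)i;
        initialized = 1;
    }
    return table[c];                 /* secret-dependent address */
}

/* HARDENED FORM. Returns 0xFF when low <= c <= high, else 0x00, using
 * only arithmetic on the value: no branch, no load indexed by c. */
static unsigned char ct_in_range(unsigned char c, unsigned char low,
                                 unsigned char high)
{
    unsigned int lo = (unsigned int)c - low;   /* bit 31 set iff c < low  */
    unsigned int hi = (unsigned int)high - c;  /* bit 31 set iff c > high */
    unsigned int in = ~(lo | hi) >> 31;        /* 1 iff neither wrapped  */
    return (unsigned char)(0u - in);
}

/* Constant-time digit value: 0..63, or -1 for a byte outside the alphabet.
 * Every range test runs for every input; masks select the contribution. */
static int ct_dec_value(unsigned char c)
{
    unsigned char upper = ct_in_range(c, 'A', 'Z');
    unsigned char lower = ct_in_range(c, 'a', 'z');
    unsigned char digit = ct_in_range(c, '0', '9');
    unsigned char plus  = ct_in_range(c, '+', '+');
    unsigned char slash = ct_in_range(c, '/', '/');
    unsigned char v = 0;
    v |= upper & (unsigned char)(c - 'A');
    v |= lower & (unsigned char)(c - 'a' + 26);
    v |= digit & (unsigned char)(c - '0' + 52);
    v |= plus  & 62;
    v |= slash & 63;
    unsigned char valid = upper | lower | digit | plus | slash;
    /* valid == 0xFF -> v; valid == 0x00 -> v is 0, result is -1 */
    return (int)v - (int)((unsigned char)~valid & 1u);
}

/* Decode a base64 body (no whitespace, optional '=' padding). Returns bytes
 * written or -1 if malformed. The padding scan and length checks branch only
 * on structure, which the PEM file's size already reveals; the per-byte
 * values never steer a branch or a load, and errors are sticky (no early exit). */
static int ct_base64_decode(const char *in, size_t in_len,
                            unsigned char *out, size_t out_cap)
{
    size_t n = in_len, pad = 0;
    while (n > 0 && pad < 2 && in[n - 1] == '=') { n--; pad++; }
    if (n % 4 == 1)                   /* a lone trailing sextet cannot occur */
        return -1;
    if ((n * 3) / 4 > out_cap)
        return -1;
    uint32_t acc = 0, bad = 0;
    int bits = 0;
    size_t o = 0;
    for (size_t i = 0; i < n; i++) {
        int v = ct_dec_value((unsigned char)in[i]);
        bad |= (uint32_t)v >> 31;     /* -1 sets the flag; value still consumed */
        acc = (acc << 6) | (uint32_t)(v & 0x3F);
        bits += 6;
        if (bits >= 8) {              /* depends on i only, not on the data */
            bits -= 8;
            out[o++] = (unsigned char)(acc >> bits);
        }
    }
    return bad ? -1 : (int)o;
}

/* Both decoders must agree on all 256 byte values; used by the checks below. */
static int decoders_agree(void)
{
    for (int c = 0; c < 256; c++)
        if (leaky_dec_value((unsigned char)c) != ct_dec_value((unsigned char)c))
            return 0;
    return 1;
}

int main(void)
{
    /* Constructed sample body, not a real key. */
    const char body[] = "Q29uc3RhbnQtdGltZSBkZWNvZGluZw==";
    unsigned char out[64];
    int len = ct_base64_decode(body, sizeof body - 1, out, sizeof out);
    if (len < 0) { puts("malformed"); return 1; }
    printf("%.*s\n", len, out);
    return 0;
}
```

Source-level constant time is necessary but not sufficient: an optimizing compiler may turn the mask arithmetic back into a compare-and-branch. Inspect the emitted assembly for the decoder (objdump -d on the object file) or run it under a timing-leak checker before relying on it inside an enclave.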

Priority

Low

CVSS 3 base score: 4.9

Status

Package / Release / Status

mbedtls (Launchpad, Ubuntu, Debian)
  bionic    Needs triage
  focal     Needs triage
  groovy    Ignored (reached end-of-life)
  hirsute   Ignored (reached end-of-life)
  impish    Needs triage
  jammy     Needs triage
  trusty    Does not exist
  upstream  Needs triage
  xenial    Ignored (out of standard support)

polarssl (Launchpad, Ubuntu, Debian)
  bionic    Does not exist
  focal     Does not exist
  groovy    Does not exist
  hirsute   Does not exist
  impish    Does not exist
  jammy     Does not exist
  trusty    Does not exist
  upstream  Needs triage
  xenial    Ignored (out of standard support)

Notes

Author: sarnold
It looks like an entire new class of side-channel-free functions was
introduced in newer versions of mbedtls; backporting all of them probably
doesn't make sense, this fix only makes sense in context of trying to
provide constant-time execution that limits side-channel bandwidth to
adversaries on the same machine.

References

Bugs