CVE-2019-16910

MEDIUM

Arm Mbed TLS <2.19.0 & Arm Mbed Crypto <2.0.0 - Info Disclosure

Title source: llm

Description

Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.)

Scores

CVSS v3: 5.3
EPSS: 0.0092
EPSS Percentile: 76.2%
Attack Vector: NETWORK
Vector string: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N

Details

Status: published
Products (6):
arm/mbed_crypto < 2.0.0
arm/mbed_tls < 2.7.12
debian/debian_linux 10.0
fedoraproject/fedora 29
fedoraproject/fedora 30
fedoraproject/fedora 31
Published: Sep 26, 2019
Tracked Since: Feb 18, 2026