A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2020-09-02T00:00:00

Updated: 2024-08-04T13:37:53.587Z

Reserved: 2020-07-30T00:00:00

Link: CVE-2020-16150

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2020-09-02T16:15:12.363

Modified: 2024-11-21T05:06:51.490

Link: CVE-2020-16150

cve-icon Redhat

No data.