SB2020070202 - Multiple vulnerabilities in Mbed TLS
Published: July 2, 2020 Updated: January 11, 2023
Description
This security bulletin contains information about 3 security vulnerabilities.
1) Cryptographic issues (CVE-ID: CVE-2020-36422)
The vulnerability allows a local user to perform a side-channel attack.
The vulnerability exists due to missing randomization in the mbedtls_ecp_check_pub_priv(), mbedtls_pk_parse_key(), mbedtls_pk_parse_keyfile(), mbedtls_ecp_mul(), and mbedtls_ecp_mul_restartable() functions in Mbed TLS. A local user can perform a side-channel attack on ECC key import and fully recover the private key after collecting a single trace of any of the affected functions.
2) Cleartext transmission of sensitive information (CVE-ID: CVE-2020-36423)
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to an issue in the Lucky 13 countermeasure that could make it ineffective when hardware accelerators were used (using one of the MBEDTLS_SHAxxx_ALT macros). A remote attacker can gain access to sensitive information.
3) Cryptographic issues (CVE-ID: CVE-2020-36421)
The vulnerability allows a remote attacker to perform a man-in-the-middle (MitM) attack.
The vulnerability exists due to a side channel in modular exponentiation. A remote attacker can disclose the RSA private key used in a secure enclave.
Remediation
Install the update from the vendor's website.
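As an added example (not code from the bulletin or from the Mbed TLS project), the following C helper classifies an Mbed TLS version against the fixed releases listed in the references (2.7.16, 2.16.7, 2.23.0) and applies the MBEDTLS_SHAxxx_ALT caveat for the Lucky 13 issue. It assumes the 0xMMNNPP00 layout of MBEDTLS_VERSION_NUMBER so that a real build can feed in mbedtls_version_get_number(); the treatment of 1.x and of the non-LTS 2.x releases between the LTS branches is an assumption noted in the comments.

```c
#include <stdio.h>

/* Encode major.minor.patch in the 0xMMNNPP00 layout used by MBEDTLS_VERSION_NUMBER. */
static unsigned int encode_version(unsigned major, unsigned minor, unsigned patch) {
    return (major << 24) | (minor << 16) | (patch << 8);
}

/* Parse a "2.16.6" style string (as returned by mbedtls_version_get_string()).
 * Returns 0 for malformed input so callers can treat it as "unknown". */
unsigned int parse_mbedtls_version(const char *s) {
    unsigned major, minor, patch;
    char trailing;
    if (sscanf(s, "%u.%u.%u%c", &major, &minor, &patch, &trailing) != 3) return 0;
    if (major > 255 || minor > 255 || patch > 255) return 0;
    return encode_version(major, minor, patch);
}

/* 1 if the version predates the fix for the three CVEs on its own branch.
 * Fixed releases come from the bulletin's references: 2.7 LTS -> 2.7.16,
 * 2.16 LTS -> 2.16.7, mainline -> 2.23.0. Assumptions: the non-LTS releases
 * between the LTS branches (2.20-2.22) got no backport, 1.x is treated as
 * unpatched, and 3.x (released after the fix) as patched. */
int version_predates_fix(unsigned int v) {
    unsigned major = v >> 24, minor = (v >> 16) & 0xff;
    if (major != 2) return major < 2;
    if (minor == 7)  return v < encode_version(2, 7, 16);
    if (minor == 16) return v < encode_version(2, 16, 7);
    return v < encode_version(2, 23, 0);
}

/* CVE-2020-36423 only bites when a SHA alternative implementation is
 * configured (MBEDTLS_SHA256_ALT / MBEDTLS_SHA512_ALT and friends), so a
 * vulnerable version with the default software SHA is not exposed to it. */
int lucky13_countermeasure_exposed(unsigned int v, int sha_alt_configured) {
    return sha_alt_configured && version_predates_fix(v);
}

int main(void) {
    /* Constructed sample inputs, one per branch of interest. */
    const char *samples[] = { "2.7.15", "2.7.16", "2.16.6", "2.16.7", "2.22.0", "2.23.0" };
    for (unsigned i = 0; i < sizeof samples / sizeof samples[0]; i++) {
        unsigned int v = parse_mbedtls_version(samples[i]);
        printf("%-8s affected=%d lucky13_with_SHA_ALT=%d\n", samples[i],
               version_predates_fix(v), lucky13_countermeasure_exposed(v, 1));
    }
    return 0;
}
```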
References
- https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-07
- https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.23.0
- https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.7.16
- https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.16.7
- https://github.com/ARMmbed/mbedtls/issues/3394
- https://bugs.gentoo.org/730752
- https://github.com/ARMmbed/mbedtls/releases/tag/v2.23.0
- https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.7
- https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html