Main Vulnerability Database SB2020090896

SB2020090896 - Fedora EPEL 6 update for mbedtls

Published: September 8, 2020 Updated: April 25, 2025

Security Bulletin ID SB2020090896

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Information disclosure

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Side channel attack on classical CBC decryption in (D)TLS (CVE-ID: CVE-2020-16150)

The vulnerability allows a local user to perform a side-channel attack.

The vulnerability is caused due to mbed TLS used dummy rounds of the compression function associated with the hash used for HMAC in order to hide the length of the padding to remote attackers when ecrypting/authenticating (D)TLS record in a connection using a CBC ciphersuite without the Encrypt-then-Mac extension. A local user who is able to observe the state of the cache could monitor the presence of mbedtls_md_process() in the cache in order to determine when the actual computation ends and when the dummy rounds start. This is a reliable target as it's always called at least once.

Successful exploitation of the vulnerability may allow an attacker with access to enough information about the state of the cache (including, but not limited to, an untrusted operating system attacking a secure enclave such as SGX or the TrustZone secure world) to recover portions of the plaintext of a (D)TLS record.

Remediation

Install update from vendor's website.

References

https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2020-b425525e83