CVE-2020-16150
published 2020-09-02
Priority P4 · 24 · medium · 5.5 (CVSS 3.1)
AV:L / AC:L / PR:L / UI:N / S:U / C:H / I:N / A:N
EPSS: 0.37% (28.7th percentile)
A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length.
Affected
12 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| arm | mbed_tls | < 2.7.17 | 2.7.17 |
| arm | mbed_tls | >= 2.17.0 < 2.24.0 | 2.24.0 |
| arm | mbed_tls | >= 2.8.0 < 2.16.8 | 2.16.8 |
| debian | debian_linux | — | — |
| debian | mbedtls | < mbedtls 2.16.9-0.1 (bookworm) | mbedtls 2.16.9-0.1 (bookworm) |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| mbed | mbedtls | >= 0 < 2.16.9-0.1 | 2.16.9-0.1 |
| mbed | mbedtls | >= 0 < 2.16.9-0.1 | 2.16.9-0.1 |
| mbed | mbedtls | >= 0 < 2.16.9-0.1 | 2.16.9-0.1 |
| mbed | mbedtls | >= 0 < 2.16.9-0.1 | 2.16.9-0.1 |
CVSS provenance
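| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 5.5 | MEDIUM | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N |
| nvd | v2.0 | 2.1 | LOW | AV:L/AC:L/Au:N/C:P/I:N/A:N |
| osv | — | 5.5 | MEDIUM | — |
| vendor_debian | — | 5.5 | MEDIUM | — |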
Debian
vendor_debian·2020·CVSS 5.5
CVE-2020-16150 [MEDIUM] CVE-2020-16150: mbedtls - A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c i...
Scope: local
bookworm: resolved (fixed in 2.16.9-0.1)
bullseye: resolved (fixed in 2.16.9-0.1)
forky: resolved (fixed in 2.16.9-0.1)
sid: resolved (fixed in 2.16.9-0.1)
trixie: resolved (fixed in 2.16.9-0.1)
GHSA
ghsa_unreviewed·2022-05-24
CVE-2020-16150 [LOW] CWE-203 GHSA-fgr3-j7rx-4hfv: A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg
OSV
osv·2020-09-02·CVSS 5.5
CVE-2020-16150 [MEDIUM] CVE-2020-16150: A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg
No detection rules found.
No public exploits indexed.
arXiv
SoK: Where's the "up"?! A Comprehensive (bottom-up) Study on the Security of Arm Cortex-M Systems
arxiv_fulltext·2024-05-13
Bugzilla
bugzilla·2020-09-02·CVSS 5.5
CVE-2020-16150 [MEDIUM] CVE-2020-16150 mbedtls: local side channel attack on classical CBC decryption in (D)TLS [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects mult
Bugzilla
bugzilla·2020-09-02·CVSS 5.5
CVE-2020-16150 [MEDIUM] CVE-2020-16150 mbedtls: local side channel attack on classical CBC decryption in (D)TLS [epel-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple
Bugzilla
bugzilla·2020-09-02·CVSS 5.5
CVE-2020-16150 [MEDIUM] CVE-2020-16150 mbedtls: local side channel attack on classical CBC decryption in (D)TLS
A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length.
References:
https://tls.mbed.org/tech-updates/security-advisories
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1
Discussion:
Created mbedtls tracking bugs for this issue:
Affects: epel-all [bug 1875048]
Affects: fedora-all [bug 1875049]
---
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Ref
References
https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OSOFUD6UTGTDDSQRS62BPXDU52I6PUA/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IRPBHCQKZXHVKOP5O5EWE7P76AWGUXQJ/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OD3NM6GD73CTFFRBKG5G2ACXGG7QQHCC/
https://tls.mbed.org/tech-updates/security-advisories
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1
Published: 2020-09-02