CVE-2018-0497

Name
CVE-2018-0497
Description
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows remote attackers to achieve partial plaintext recovery (for a CBC based ciphersuite) via a timing-based side-channel attack. This vulnerability exists because of an incorrect fix (with a wrong SHA-384 calculation) for CVE-2013-0169.
NVD Severity
medium
Other trackers
CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia
Mailing lists
oss-security, full-disclosure, bugtraq
Exploits
Exploit DB, Metasploit
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Mitigation https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-02
Third Party Advisory https://www.debian.org/security/2018/dsa-4296
Mailing List https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html
UBUNTU https://usn.ubuntu.com/4267-1/

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:* mbed_tls >= 2.2.0 < 2.7.5
cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:* mbed_tls >= None < 2.1.14
cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:* mbed_tls >= 2.8.0 < 2.12.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
mbedtls2 edge-community 2.12.0-r0 None fixed
mbedtls2 3.22-community 2.12.0-r0 None fixed
mbedtls2 3.21-community 2.12.0-r0 None fixed
mbedtls2 3.20-community 2.12.0-r0 None fixed
mbedtls edge-main 2.12.0-r0 None fixed
mbedtls 3.22-main 2.12.0-r0 None fixed
mbedtls 3.21-main 2.12.0-r0 None fixed
mbedtls 3.20-main 2.12.0-r0 None fixed
mbedtls 3.19-main 2.12.0-r0 None fixed
mbedtls 3.18-main 2.12.0-r0 None fixed
mbedtls 3.17-main 2.12.0-r0 None fixed
mbedtls 3.12-main 2.12.0-r0 None fixed
mbedtls 3.11-main 2.12.0-r0 None fixed
mbedtls 3.10-main 2.12.0-r0 None fixed