AVG-1386 log

Package mbedtls
Status Fixed
Severity High
Type private key recovery
Affected 2.16.7-1
Fixed 2.25.0-1
Current 2.27.0-1 [community]
Ticket FS#69128
Created Sun Dec 27 12:20:12 2020
Issue Severity Remote Type Description
CVE-2020-16150 High No Private key recovery
A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover...
Date Advisory Package Type
08 Jan 2021 ASA-202101-7 mbedtls private key recovery