CVE-2021-24119 log
Source |
|
Severity | Medium |
Remote | No |
Type | Information disclosure |
Description | In Trusted Firmware Mbed TLS before version 2.26.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environments that can be single stepped, especially Intel SGX. |
Group | Package | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|---|
AVG-2153 | mbedtls | 2.25.0-1 | 2.26.0-1 | Medium | Fixed |
Date | Advisory | Group | Package | Severity | Type |
---|---|---|---|---|---|
14 Jul 2021 | ASA-202107-27 | AVG-2153 | mbedtls | Medium | information disclosure |