Security Advisory

CVE-2020-16150

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-09-02 00:00:00

Last updated 2024-08-04 13:37:53

Assigner mitre

State PUBLISHED

Description

A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/ssl_msg.c in Trusted Firmware Mbed TLS through 2.23.0 allows an attacker to recover secret key information. This affects CBC mode because of a computed time difference based on a padding length.

← Browse all CVEs View on cve.org ↗