CVE-2019-18222

MEDIUM4.7

The ECDSA signature implementation in ecdsa

Published Jan 23, 2020

Modified 1 years ago

Details

The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 and Mbed TLS through 2.19.1 does not reduce the blinded scalar before computing the inverse, which allows a local attacker to recover the private key via side-channel attacks.

References

WEB

https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html

ADVISORY

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A3GWQNONS7GRORXZJ7MOJFUEJ2ZJ4OUW/

ADVISORY

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NGDACU65MYZXXVPQP2EBHUJGOR4RWLVY/

WEB

https://tls.mbed.org/tech-updates/security-advisories

WEB

https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-12

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2019-18222

CVSS Analysis

CVSS v3.1

4.7

Exploitability

Attack Vector

LocalAV:L

Attack Complexity

HighAC:H

Privileges Required

LowPR:L

User Interaction

NoneUI:N

Scope

UnchangedS:U

Impact

Confidentiality

HighC:H

Integrity

NoneI:N

Availability

NoneA:N

4.7/CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Ecosystems

Timeline

PublishedJan 23, 2020

ModifiedAug 5, 2024

CVE-2019-18222 | Mondoo Vulnerability Intelligence