vulnerability
Ubuntu: USN-4267-1 (CVE-2018-0498): ARM mbed TLS vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 2 | (AV:L/AC:M/Au:N/C:P/I:N/A:N) | Jul 28, 2018 | Feb 6, 2020 | Mar 22, 2023 |
Severity
2
CVSS
(AV:L/AC:M/Au:N/C:P/I:N/A:N)
Published
Jul 28, 2018
Added
Feb 6, 2020
Modified
Mar 22, 2023
Description
ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.
Solution(s)
ubuntu-upgrade-libmbedcrypto0ubuntu-upgrade-libmbedtls10ubuntu-upgrade-libmbedx509-0
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.