Bug 1152246 (CVE-2019-16910) - VUL-1: CVE-2019-16910: mbedtls: RNG with insufficient entropy when deterministic ECDSA is enabled
Status: RESOLVED FIXED
Alias: CVE-2019-16910
Product: openSUSE Distribution
Classification: openSUSE
Component: Basesystem
Version: Leap 42.3
Hardware: Other Other
Priority: P4 - Low
Severity: Minor
Target Milestone: ---
Assignee: Martin Pluskal
QA Contact: Security Team bot
URL: https://smash.suse.de/issue/243412/
Whiteboard:
Keywords:
Depends on:
Blocks:
 
Reported: 2019-09-27 08:47 UTC by Alexander Bergmann
Modified: 2024-01-30 11:48 UTC
CC: 2 users

See Also:
Found By: Security Response Team
Services Priority:
Business Priority:
Blocker: ---
Marketing QA Status: ---
IT Deployment: ---


Description Alexander Bergmann 2019-09-27 08:47:04 UTC
CVE-2019-16910

Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic
ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might
allow an attacker to recover a private key via side-channel attacks if a victim
signs the same message many times. (For Mbed TLS, the fix is also available in
versions 2.7.12 and 2.16.3.)

References:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-16910
http://www.cvedetails.com/cve/CVE-2019-16910/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-16910
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2019-10
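The advisory text above names three fixed Mbed TLS releases, and they are not a single threshold: 2.19.0 on mainline, plus backports to the 2.7 and 2.16 long-term branches. A version that is numerically above 2.16.3 but on an unlisted branch (2.17.x, 2.18.x) carries no fix. The following is an added example, not code from the Mbed TLS project or from this bug report; it encodes exactly the version boundaries stated in the description so a packager or auditor can check an upstream version string against them.

```python
"""Check an Mbed TLS / Mbed Crypto upstream version string against the
fixed releases stated for CVE-2019-16910:
  Mbed TLS     2.19.0 (mainline), backported to 2.7.12 and 2.16.3
  Mbed Crypto  2.0.0

Added example for illustration; not code from the Mbed TLS project.
"""
import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# Branch -> first patch level on that branch that carries the fix.
# Branches absent from this table (e.g. 2.17, 2.18) never received a
# backport; for them only the mainline threshold below applies.
MBEDTLS_BACKPORT_FIXES = {(2, 7): 12, (2, 16): 3}
MBEDTLS_MAINLINE_FIX: Version = (2, 19, 0)
MBEDCRYPTO_FIX: Version = (2, 0, 0)


def parse_version(text: str) -> Version:
    """Parse 'MAJOR.MINOR.PATCH' into a comparable tuple of ints."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"not a MAJOR.MINOR.PATCH version: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def mbedtls_is_fixed(version: str) -> bool:
    """True if this Mbed TLS release contains the CVE-2019-16910 fix.

    Mainline releases from 2.19.0 onward are fixed. Older branches are
    fixed only if they are one of the listed LTS branches and the patch
    level is at or above the backported fix.
    """
    major, minor, patch = parse_version(version)
    if (major, minor, patch) >= MBEDTLS_MAINLINE_FIX:
        return True
    fixed_patch: Optional[int] = MBEDTLS_BACKPORT_FIXES.get((major, minor))
    return fixed_patch is not None and patch >= fixed_patch


def mbedcrypto_is_fixed(version: str) -> bool:
    """True if this Mbed Crypto release is 2.0.0 or later."""
    return parse_version(version) >= MBEDCRYPTO_FIX


if __name__ == "__main__":
    # Constructed sample versions; 2.18.1 is the instructive case:
    # higher than 2.16.3, yet on a branch with no backported fix.
    for v in ("2.7.11", "2.7.12", "2.16.2", "2.16.3", "2.18.1", "2.19.0"):
        print(f"mbedtls {v}: {'fixed' if mbedtls_is_fixed(v) else 'VULNERABLE'}")
```

This compares upstream version numbers only. A distribution package may backport the fix without bumping the upstream version (a maintenance update such as the one requested in this bug), so for a packaged library the package changelog or the distribution's own advisory is the authoritative source, and the check is only relevant to builds that enable deterministic ECDSA.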
Comment 1 Vítězslav Čížek 2019-09-27 10:29:19 UTC
Martin,
You seem to be the mbedtls maintainer.
Could you please take care of the maintenance update?

A version update to 2.16.3 will fix this issue.
Comment 2 Marcus Meissner 2024-01-30 11:48:44 UTC
Newer Leap releases have a newer mbedtls version.