Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when deterministic ECDSA is enabled, use an RNG with insufficient entropy for blinding, which might allow an attacker to recover a private key via side-channel attacks if a victim signs the same message many times. (For Mbed TLS, the fix is also available in versions 2.7.12 and 2.16.3.)
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ARM mbed TLS和ARM Mbed Crypto 信息泄露漏洞
Vulnerability Description
ARM mbed TLS和ARM Mbed Crypto都是英国ARM公司的产品。ARM mbed TLS是一款为mbed产品提供安全通讯和加密功能的产品。ARM Mbed Crypto是一款ARM平台安全体系结构(PSA)的加密接口的实现。 Arm Mbed TLS 2.19.0之前版本和Arm Mbed Crypto 2.0.0之前版本中存在安全漏洞。攻击者可利用该漏洞恢复私钥。
CVSS Information
N/A
Vulnerability Type
N/A