Wind River Support Network

HomeDefectsLIN8-9546

Fixed

LIN8-9546 : Security Advisory - mbedtls - CVE-2018-0498

Created: Aug 1, 2018 Updated: Dec 21, 2018

Resolved Date: Oct 29, 2018

Found In Version: 8.0.0.26

Fix Version: 8.0.0.28

Severity: Standard

Applicable for: Wind River Linux 8

Component/s: Userspace

Description

ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0498

Other Downloads

Wind River Linux 8.0.0.28
Wind River Linux 8.0.0.29
Wind River Linux 8.0.0.30
Wind River Linux 8.0.0.31
Wind River Linux 8.0.0.32
Wind River Linux 8.0.0.33
Wind River Linux 8.0.0.34

CVEs

CVE-2018-0498