Scheduled maintenance: Some features related to account registration and licensing may be temporarily unavailable from Friday (May 8) at 1 PM to Sunday (May 10) at 5 PM (PST).

Wind River Support Network

HomeDefectsLIN9-7228
Fixed

LIN9-7228 : Security Advisory - mbedtls - CVE-2018-0498

Created: Aug 1, 2018    Updated: Dec 24, 2018
Resolved Date: Oct 31, 2018
Found In Version: unknown
Fix Version: 9.0.0.19
Severity: Standard
Applicable for: Wind River Linux 9
Component/s: Userspace

Description

ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows local users to achieve partial plaintext recovery (for a CBC based ciphersuite) via a cache-based side-channel attack.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0498

Other Downloads

CVEs

  • Linkedin
  • Facebook
  • Twitter
  • Youtube