
Arch Linux: 202003-7 Advisory High: mbedtls Private Key Recovery

The package mbedtls before version 2.16.5-1 is vulnerable to private key recovery.
Arch Linux Security Advisory ASA-202003-7
=========================================
Severity: High
Date    : 2020-03-11
CVE-ID  : CVE-2019-18222
Package : mbedtls
Type    : private key recovery
Remote  : No
Link    : https://security.archlinux.org/AVG-1104

Summary
=======
The package mbedtls before version 2.16.5-1 is vulnerable to private
key recovery.

Resolution
==========
Upgrade to 2.16.5-1.

# pacman -Syu "mbedtls>=2.16.5-1"

The problem has been fixed upstream in version 2.16.5.

Workaround
==========
None.

Description
===========
The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto before
3.0.1 and Mbed TLS before 2.20.0, 2.16.4 or 2.7.13 does not reduce the
blinded scalar before computing the inverse, which allows a local
attacker to recover the private key via side-channel attacks.
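The following Python toy ECDSA over NIST P-256 is an added illustration, not code from Mbed TLS or Arch Linux: it mirrors the blinded computation of s and contrasts the vulnerable order (inverting the unreduced product k*t) with the fixed order (reducing k*t mod n before the inverse), which yields the same signature. The curve constants are assumed to be transcribed correctly, the key, nonce and blinding factor are constructed, and Python's pow() is itself variable-time, so the block shows the arithmetic of the two orders, not the timing leak.

```python
import hashlib
# NIST P-256 domain parameters (assumed transcribed correctly from the standard)
P = 2**256 - 2**224 + 2**192 + 2**96 - 1
N = 0xffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551
G = (0x6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296,
     0x4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5)

def ec_add(p1, p2):
    """Affine add/double on y^2 = x^3 - 3x + b; None is the point at infinity."""
    if p1 is None: return p2
    if p2 is None: return p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2 and (y1 + y2) % P == 0: return None
    lam = ((3 * x1 * x1 - 3) * pow(2 * y1, -1, P) if p1 == p2
           else (y2 - y1) * pow(x2 - x1, -1, P)) % P
    x3 = (lam * lam - x1 - x2) % P
    return x3, (lam * (x1 - x3) - y1) % P

def ec_mul(k, pt):
    """Plain double-and-add (variable time: demo only, not a hardened ladder)."""
    acc = None
    for bit in bin(k)[2:]:
        acc = ec_add(acc, acc)
        if bit == "1": acc = ec_add(acc, pt)
    return acc

def ecdsa_sign(d, msg, k, t, reduce_before_inverse):
    """Blinded signing, s = t*(e + r*d) * inv(k*t) mod n, as in ecdsa.c step 6.
    False = vulnerable order (inverse of the unreduced ~512-bit k*t); True = the fix."""
    e = int.from_bytes(hashlib.sha256(msg).digest(), "big") % N
    r = ec_mul(k, G)[0] % N
    kt = k * t
    if reduce_before_inverse:
        kt %= N
    s = pow(kt, -1, N) * (t * (e + r * d)) % N
    return r, s, kt.bit_length()   # bit length = size of the inverse's operand

def ecdsa_verify(pub, msg, sig):
    r, s = sig
    if not (0 < r < N and 0 < s < N): return False
    e = int.from_bytes(hashlib.sha256(msg).digest(), "big") % N
    w = pow(s, -1, N)
    pt = ec_add(ec_mul(e * w % N, G), ec_mul(r * w % N, pub))
    return pt is not None and pt[0] % N == r

def demo(msg=b"constructed test message"):
    d, k, t = (int.from_bytes(hashlib.sha256(x).digest(), "big") % N for x in (b"d", b"k", b"t"))  # constructed
    pub = ec_mul(d, G)
    r1, s1, bits_vuln = ecdsa_sign(d, msg, k, t, False)
    r2, s2, bits_fixed = ecdsa_sign(d, msg, k, t, True)
    return (r1, s1) == (r2, s2), ecdsa_verify(pub, msg, (r1, s1)), bits_vuln, bits_fixed
```

demo() returns whether both orders give the same signature, whether it verifies, and the bit lengths of the two operands handed to the inverse; only the operand size differs, which is exactly what the missing reduction exposes to a side channel.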

Impact
======
A local attacker can recover an ECDSA private key via side-channel
attacks.

References
==========
https://security.archlinux.org/CVE-2019-18222