PT-2022-27849 · Mbed Tls+2
Sharad Sinha +3
Published 2022-12-15 · Updated 2026-06-05
CVE-2022-46392
CVSS v3.1 5.3 Medium
| Vector | AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Mbed TLS versions prior to 2.28.2
Mbed TLS versions 3.x prior to 3.3.0
Description
An issue allows an adversary with access to precise enough information about memory accesses to recover an RSA private key after observing the victim performing a single private-key operation. This is possible if the window size used for the exponentiation is 3 or smaller, specifically when MBEDTLS_MPI_WINDOW_SIZE is set to 3 or smaller. The attack typically involves an untrusted operating system attacking a secure enclave.
Recommendations
For Mbed TLS versions prior to 2.28.2, update to version 2.28.2 or later.
For Mbed TLS versions 3.x prior to 3.3.0, update to version 3.3.0 or later.
As a temporary workaround, consider increasing MBEDTLS_MPI_WINDOW_SIZE to a value larger than 3 to minimize the risk of exploitation.
Fix
Side Channel Attack
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Debian
Mbed Tls