An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a side channel in modular exponentiation, an RSA private key used in a secure enclave could be disclosed.
https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html
https://github.com/ARMmbed/mbedtls/releases/tag/v2.23.0
https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.7