FreeBSD : Mbed TLS -- Side-channel attack on ECC key import and validation (c685edd9-c045-11ea-8898-001cc0382b2f)

high Nessus Plugin ID 138199

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Manuel Pegourie-Gonnard reports :

The scalar multiplication function in Mbed TLS accepts a random number generator (RNG) as an optional argument and, if provided, uses it to protect against some attacks.

It is the caller's responsibility to provide a RNG if protection against side-channel attacks is desired; however two groups of functions in Mbed TLS itself fail to pass a RNG :

- mbedtls_pk_parse_key() and mbedtls_pk_parse_keyfile()

- mbedtls_ecp_check_pub_priv() and mbedtls_pk_check_pair()

When those functions are called, scalar multiplication is computed without randomisation, a number of old and new attacks apply, allowing a powerful local attacker to fully recover the private key.

Solution

Update the affected package.

See Also

http://www.nessus.org/u?a4d56cf6

http://www.nessus.org/u?80493719

Plugin Details

Severity: High

ID: 138199

File Name: freebsd_pkg_c685edd9c04511ea8898001cc0382b2f.nasl

Version: 1.1

Type: local

Published: 7/8/2020

Updated: 7/8/2020

Supported Sensors: Nessus

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:mbedtls, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 7/7/2020

Vulnerability Publication Date: 7/1/2020