mirror/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-03-04 04:13:40 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Changelog for padding CT fixes

Browse Source 
Signed-off-by: Dave Rodgman <dave.rodgman@arm.com>
This commit is contained in:
Dave Rodgman 2023-09-21 10:25:01 +01:00
parent 1a7d387072
commit c3cb97896b
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
ChangeLog.d/padding-ct-changelog.txt Normal file
View File

@ -0,0 +1,6 @@
Security
* Fix non-constant-time behaviour in padding calculations in CBC
decryption, NIST SP 800-38F key wrapping, and RSAAES-OAEP decryption.
For CBC and RSAAES-OAEP, this may have been exploitable in a
padding oracle for a privileged local attacker with the ability to
observe memory access timings.