lib/mbedtls
1
0
Fork 0
mirror of https://github.com/Mbed-TLS/mbedtls.git synced 2025-10-24 13:32:59 +03:00
Code Activity

We have a CVE ID

Browse Source 
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
This commit is contained in:
Gilles Peskine
2025-09-16 10:39:29 +02:00
parent 3e59e0ae08
commit d1244932f1
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
ChangeLog.d/pkcs7-padding-error-leak.txt
View File

@@ -2,4 +2,4 @@ Security
* Fix a timing side channel in CBC-PKCS7 decryption that could
allow an attacker who can submit chosen ciphertexts to recover
some plaintexts through a timing-based padding oracle attack.
Credits to Beat Heeb from Oberon microsystems AG. CVE-TODO
Credits to Beat Heeb from Oberon microsystems AG. CVE-2025-59438