An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext because a certain Lucky 13 countermeasure doesn't properly consider the case of a hardware accelerator.
{
"unresolved_ranges": [
{
"extracted_events": [
{
"fixed": "2.16.7"
},
{
"introduced": "2.17.0"
},
{
"fixed": "2.23.0"
}
],
"source": "CPE_RANGE",
"vendor_product": "arm:mbed_tls",
"cpes": [
"cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*"
]
},
{
"cpes": [
"cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*"
],
"source": "CPE_STRING",
"vendor_product": "debian:debian_linux",
"extracted_events": [
{
"introduced": "10.0"
},
{
"last_affected": "10.0"
}
]
}
]
}