FreeBSD : Mbed TLS -- Cache attack against RSA key import in SGX (056ea107-5729-11ea-a2f3-001cc0382b2f)

High Nessus Plugin ID 133969

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Janos Follath reports :

If Mbed TLS is running in an SGX enclave and the adversary has control of the main operating system, they can launch a side channel attack to recover the RSA private key when it is being imported.

The attack only requires access to fine grained measurements to cache usage. Therefore the attack might be applicable to a scenario where Mbed TLS is running in TrustZone secure world and the attacker controls the normal world or possibly when Mbed TLS is part of a hypervisor and the adversary has full control of a guest OS.

Solution

Update the affected package.

See Also

http://www.nessus.org/u?8e1ade23

http://www.nessus.org/u?4d90de82

Plugin Details

Severity: High

ID: 133969

File Name: freebsd_pkg_056ea107572911eaa2f3001cc0382b2f.nasl

Version: 1.1

Type: local

Published: 2020/02/25

Updated: 2020/02/25

Dependencies: 12634

Risk Information

Risk Factor: High

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:mbedtls, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 2020/02/24

Vulnerability Publication Date: 2020/02/18