Timing Attack Vulnerability in OP-TEE's Montgomery Implementation Compromising RSA Private Key

CVE-2017-1000413 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:N/A:N

Linaro's open source TEE solution called OP-TEE, version 2.4.0 (and older) is vulnerable a timing attack in the Montgomery parts of libMPA in OP-TEE resulting in a compromised private RSA key.

Learn more about our Cis Benchmark Audit For Ibm I.