Test ID:	1.3.6.1.4.1.25623.1.1.10.2020.0370
Category:	Mageia Linux Local Security Checks
Title:	Mageia: Security Advisory (MGASA-2020-0370)
Summary:	The remote host is missing an update for the 'mbedtls' package(s) announced via the MGASA-2020-0370 advisory.
Description:	Summary: The remote host is missing an update for the 'mbedtls' package(s) announced via the MGASA-2020-0370 advisory. Vulnerability Insight: mbedtls 2.16.8 fixes three security vulnerabilities which could affect earlier releases: Local side channel attack on classical CBC decryption in (D)TLS (CVE-2020-16150). Local side channel attack on RSA and static Diffie-Hellman. Protocol weakness in DHE-PSK key exchange. Affected Software/OS: 'mbedtls' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 2.1 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2020-16150 FEDORA-2020-48a1ae610c https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5OSOFUD6UTGTDDSQRS62BPXDU52I6PUA/ FEDORA-2020-8b0d59bac6 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IRPBHCQKZXHVKOP5O5EWE7P76AWGUXQJ/ FEDORA-2020-e75ade5e38 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OD3NM6GD73CTFFRBKG5G2ACXGG7QQHCC/ [debian-lts-announce] 20221225 [SECURITY] [DLA 3249-1] mbedtls security update https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html https://tls.mbed.org/tech-updates/security-advisories https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2020-09-1
Copyright	Copyright (C) 2022 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.