{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-66442", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-01T20:00:06.815Z", "dateReserved": "2025-12-01T00:00:00.000Z", "datePublished": "2026-04-01T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-01T19:28:05.685Z"}, "descriptions": [{"lang": "en", "value": "In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/Mbed-TLS/mbedtls/releases"}, {"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/"}, {"url": "https://github.com/Mbed-TLS/TF-PSA-Crypto/releases"}, {"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-compiler-induced-constant-time-violations/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-385", "lang": "en", "description": "CWE-385 Covert Timing Channel"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T19:59:38.178674Z", "id": "CVE-2025-66442", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T20:00:06.815Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-66442", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-01T19:59:38.178674Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-385", "description": "CWE-385 Covert Timing Channel"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T19:58:42.109Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/Mbed-TLS/mbedtls/releases"}, {"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/"}, {"url": "https://github.com/Mbed-TLS/TF-PSA-Crypto/releases"}, {"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-compiler-induced-constant-time-violations/"}], "descriptions": [{"lang": "en", "value": "In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-01T19:28:05.685Z"}}}, "cveMetadata": {"cveId": "CVE-2025-66442", "state": "PUBLISHED", "dateUpdated": "2026-04-01T20:00:06.815Z", "dateReserved": "2025-12-01T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-01T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*", "matchCriteriaId": "E63DA70A-502D-4389-B0BE-51F0227F1151", "versionEndIncluding": "4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arm:tf-psa-crypto:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A5B330B-0928-4C3E-9CC2-B2E4D81D96DE", "versionEndIncluding": "1.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected."}], "id": "CVE-2025-66442", "lastModified": "2026-04-03T20:04:38.487", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-01T20:16:22.107", "references": [{"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://github.com/Mbed-TLS/TF-PSA-Crypto/releases"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://github.com/Mbed-TLS/mbedtls/releases"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-compiler-induced-constant-time-violations/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-385"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "mbedtls: Mbed TLS and TF-PSA-Crypto: Information disclosure via compiler-induced timing side channel", "id": "2453969", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453969"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-733", "details": ["In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected.", "A flaw was found in Mbed TLS and TF-PSA-Crypto. This vulnerability is a compiler-induced timing side channel that occurs when the LLVM compiler's select-optimize feature is enabled. A remote attacker could potentially exploit this timing difference during RSA and CBC/ECB decryption operations to infer sensitive information, such as cryptographic keys."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2025-66442", "public_date": "2026-04-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-66442\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-66442\nhttps://github.com/Mbed-TLS/TF-PSA-Crypto/releases\nhttps://github.com/Mbed-TLS/mbedtls/releases\nhttps://mbed-tls.readthedocs.io/en/latest/security-advisories/\nhttps://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-compiler-induced-constant-time-violations/"], "statement": "This Moderate impact flaw in Mbed TLS and TF-PSA-Crypto is a compiler-induced timing side channel. When the LLVM compiler's select-optimize feature is enabled, a remote attacker could potentially exploit timing differences during RSA and CBC/ECB decryption operations to infer sensitive information, such as cryptographic keys. This affects Red Hat community projects such as Fedora and EPEL.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,4.0.0]"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 97.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "mbedtls", "vendor": "mbed-tls"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.0.0]"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "tf-psa-crypto", "vendor": "mbed-tls"}], "analysis": {"en": {"generated_at": "2026-04-02T14:21:06.623239+00:00", "value": {"mitigation_remediation": ["Upgrade to the latest released versions of Mbed TLS and TF\u2011PSA\u2011Crypto that contain the timing\u2011side\u2011channel fix.", "Recompile the libraries using LLVM without enabling the select\u2011optimize flag to eliminate the timing variation.", "Verify that cryptographic routines in your build exhibit constant\u2011time behavior via static analysis tools or runtime timing checks.", "Stay informed of future advisories by monitoring the official release pages and security advisories of Mbed TLS and TF\u2011PSA\u2011Crypto."], "summary": {"action": "Apply update", "impact": "Information disclosure via timing side channel"}, "threat_synthesis": {"affected_systems": "Any software that compiles or links against the open\u2011source Mbed TLS library through 4.0.0 or the TF\u2011PSA\u2011Crypto library through 1.0.0 is affected. This includes applications on a wide range of operating systems, architectures, and embedded devices that enable the LLVM select\u2011optimize flag during build. No specific commercial vendor is listed, but the libraries are maintained by the open\u2011source projects.", "description_and_impact": "A compiler\u2011induced timing side channel exists in Mbed TLS up to version 4.0.0 and in TF\u2011PSA\u2011Crypto up to version 1.0.0 when the LLVM compiler\u2019s select\u2011optimize feature is enabled. The weakness allows execution\u2011time variations during RSA and CBC/ECB decryption that can leak bits of secret data. The vulnerability is classified as implicit information exposure (CWE\u2011385) and improper handling of timing\u2011attack vulnerabilities (CWE\u2011733).", "risk_and_exploitability": "The CVSS score of 5.1 places the issue in the medium severity range. An EPSS score of less than 1% indicates a low probability of exploitation, and the vulnerability is not currently cataloged in the CISA KEV database. Based on the description, it is inferred that an attacker must be able to observe the timing of real\u2011time decryption operations, which typically requires local or network access to a process that performs affected cryptographic operations. Successful exploitation would leak confidential information inferred from timing data but would not provide code execution or denial of service."}}}}, "created": "2026-04-02T07:51:32.174647+00:00", "updated": "2026-04-03T08:59:12.027749+00:00", "vendors": ["mbed-tls", "mbed-tls$PRODUCT$mbedtls", "mbed-tls$PRODUCT$tf-psa-crypto"]}