{"dataType": "CVE_RECORD", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2025-66442", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "dateUpdated": "2026-04-01T20:00:06.815Z", "dateReserved": "2025-12-01T00:00:00.000Z", "datePublished": "2026-04-01T00:00:00.000Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-01T19:28:05.685Z"}, "descriptions": [{"lang": "en", "value": "In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected."}], "affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"version": "n/a", "status": "affected"}]}], "references": [{"url": "https://github.com/Mbed-TLS/mbedtls/releases"}, {"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/"}, {"url": "https://github.com/Mbed-TLS/TF-PSA-Crypto/releases"}, {"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-compiler-induced-constant-time-violations/"}], "problemTypes": [{"descriptions": [{"type": "text", "lang": "en", "description": "n/a"}]}]}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-385", "lang": "en", "description": "CWE-385 Covert Timing Channel"}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"timestamp": "2026-04-01T19:59:38.178674Z", "id": "CVE-2025-66442", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T20:00:06.815Z"}}]}, "dataVersion": "5.2"}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.1, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}}, {"other": {"type": "ssvc", "content": {"id": "CVE-2025-66442", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-04-01T19:59:38.178674Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-385", "description": "CWE-385 Covert Timing Channel"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-04-01T19:58:42.109Z"}}], "cna": {"affected": [{"vendor": "n/a", "product": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "references": [{"url": "https://github.com/Mbed-TLS/mbedtls/releases"}, {"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/"}, {"url": "https://github.com/Mbed-TLS/TF-PSA-Crypto/releases"}, {"url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-compiler-induced-constant-time-violations/"}], "descriptions": [{"lang": "en", "value": "In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "text", "description": "n/a"}]}], "providerMetadata": {"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre", "dateUpdated": "2026-04-01T19:28:05.685Z"}}}, "cveMetadata": {"cveId": "CVE-2025-66442", "state": "PUBLISHED", "dateUpdated": "2026-04-01T20:00:06.815Z", "dateReserved": "2025-12-01T00:00:00.000Z", "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "datePublished": "2026-04-01T00:00:00.000Z", "assignerShortName": "mitre"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*", "matchCriteriaId": "E63DA70A-502D-4389-B0BE-51F0227F1151", "versionEndIncluding": "4.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:arm:tf-psa-crypto:*:*:*:*:*:*:*:*", "matchCriteriaId": "0A5B330B-0928-4C3E-9CC2-B2E4D81D96DE", "versionEndIncluding": "1.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected."}], "id": "CVE-2025-66442", "lastModified": "2026-04-03T20:04:38.487", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 1.4, "impactScore": 3.6, "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}, "published": "2026-04-01T20:16:22.107", "references": [{"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://github.com/Mbed-TLS/TF-PSA-Crypto/releases"}, {"source": "cve@mitre.org", "tags": ["Release Notes"], "url": "https://github.com/Mbed-TLS/mbedtls/releases"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/"}, {"source": "cve@mitre.org", "tags": ["Vendor Advisory"], "url": "https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-compiler-induced-constant-time-violations/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-385"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{"bugzilla": {"description": "mbedtls: Mbed TLS and TF-PSA-Crypto: Information disclosure via compiler-induced timing side channel", "id": "2453969", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2453969"}, "csaw": false, "cvss3": {"cvss3_base_score": "5.9", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N", "status": "draft"}, "cwe": "CWE-733", "details": ["In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected.", "A flaw was found in Mbed TLS and TF-PSA-Crypto. This vulnerability is a compiler-induced timing side channel that occurs when the LLVM compiler's select-optimize feature is enabled. A remote attacker could potentially exploit this timing difference during RSA and CBC/ECB decryption operations to infer sensitive information, such as cryptographic keys."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2025-66442", "public_date": "2026-04-01T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-66442\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-66442\nhttps://github.com/Mbed-TLS/TF-PSA-Crypto/releases\nhttps://github.com/Mbed-TLS/mbedtls/releases\nhttps://mbed-tls.readthedocs.io/en/latest/security-advisories/\nhttps://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-compiler-induced-constant-time-violations/"], "statement": "This Moderate impact flaw in Mbed TLS and TF-PSA-Crypto is a compiler-induced timing side channel. When the LLVM compiler's select-optimize feature is enabled, a remote attacker could potentially exploit timing differences during RSA and CBC/ECB decryption operations to infer sensitive information, such as cryptographic keys. This affects Red Hat community projects such as Fedora and EPEL.", "threat_severity": "Moderate"}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,4.0.0]"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}, {"score": 97.0, "source": "matching"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "mbedtls", "vendor": "mbed-tls"}, {"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.0.0]"}}], "enrichment": {"confidence": 80.0, "confidence_source": "inferred", "scores": [{"score": 80.0, "source": "inferred"}]}, "original": {"product": "n/a", "source": "cna", "vendor": "n/a"}, "product": "tf-psa-crypto", "vendor": "mbed-tls"}], "analysis": {"en": {"generated_at": "2026-04-03T22:30:27.190636+00:00", "value": {"mitigation_remediation": ["Verify the currently installed versions of Mbed TLS and TF-PSA-Crypto.", "If the versions are 4.0.0 or earlier for Mbed TLS or 1.0.0 or earlier for TF-PSA-Crypto, upgrade to the latest released versions from the official repositories.", "Rebuild all affected projects after the upgrade, ensuring that LLVM\u2019s select\u2011optimize feature is disabled or removed from the build flags.", "Validate that the rebuilt applications no longer exhibit the timing side channel by conducting side\u2011channel tests or following vendor guidance.", "If a timely upgrade is not possible, monitor vendor advisories for future fixes and consider isolating cryptographic workloads that rely on the affected libraries."], "summary": {"action": "Apply Patch", "impact": "Information Disclosure via Timing Side-Channel"}, "threat_synthesis": {"affected_systems": "ARM\u2019s Mbed TLS library up to and including release 4.0.0, and the TF-PSA-Crypto library up to and including release 1.0.0 are affected. Any applications or systems that use these libraries with LLVM\u2019s select\u2011optimize enabled are potentially vulnerable.", "description_and_impact": "A compiler-induced timing side channel exists in Mbed TLS through version 4.0.0 and in TF-PSA-Crypto through version 1.0.0. The flaw manifests during RSA and CBC/ECB decryption when LLVM\u2019s select\u2011optimize feature is enabled, allowing an adversary to infer secrets from subtle timing variations in the decryption process. This can lead to leakage of private keys or plaintext data.", "risk_and_exploitability": "The CVSS score of 5.1 indicates medium severity, but the EPSS score of less than 1\u202f% and absence from the KEV catalog imply a low likelihood of active exploitation. Exploitation requires that the vulnerable library be compiled with LLVM\u2019s select\u2011optimize enabled, so the attack surface is limited to developers or build environments that use these settings. If an attacker can influence the compilation of code containing the vulnerable libraries on a target system, they could measure timing differences and gain sensitive information, but widespread, automated exploitation is currently unlikely."}}}}, "created": "2026-04-02T07:51:32.174647+00:00", "updated": "2026-04-07T08:07:48.662066+00:00", "vendors": ["mbed-tls", "mbed-tls$PRODUCT$mbedtls", "mbed-tls$PRODUCT$tf-psa-crypto"]}