
Red Hat CVE-2025-66442
EUVD-2025-209171 | MEDIUM
Covert Timing Channel (CWE-385)
2026-04-01 mitre
5.1 (CVSS 3.1)

CVSS Vector (NVD)

CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector: Local
Attack Complexity: High
Privileges Required: None
User Interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: None
Availability: None

Lifecycle Timeline

EUVD ID Assigned: Apr 01, 2026 - 19:45 (euvd), EUVD-2025-209171
Analysis Generated: Apr 01, 2026 - 19:45 (vuln.today)
CVE Published: Apr 01, 2026 - 00:00 (nvd), MEDIUM 5.1

Description (NVD)

In Mbed TLS through 4.0.0, there is a compiler-induced timing side channel (in RSA and CBC/ECB decryption) that only occurs with LLVM's select-optimize feature. TF-PSA-Crypto through 1.0.0 is also affected.

Analysis (AI)

Compiler-induced timing side channel in Mbed TLS through 4.0.0 and TF-PSA-Crypto through 1.0.0 allows information disclosure of RSA private keys and CBC/ECB-decrypted plaintext when LLVM's select-optimize feature is enabled during compilation. The vulnerability arises from compiler optimization that violates constant-time implementation guarantees, potentially exposing cryptographic material to timing analysis attacks despite developers' explicit use of constant-time code patterns.

Technical Context (AI)

Mbed TLS and TF-PSA-Crypto are widely used cryptographic libraries that implement RSA and symmetric block-cipher modes (CBC, ECB). The vulnerability is compiler-specific: LLVM's select-optimize optimization pass transforms conditional logic in the constant-time RSA and block cipher decryption routines into data-dependent timing variations. The root cause is a timing side-channel weakness (CWE-208, Information Disclosure via Timing Attack): the libraries contain correctly written constant-time implementations, but the compiler optimization defeats these protections. Any application compiled with LLVM select-optimize enabled is affected, including embedded systems, TLS implementations, and cryptographic services that rely on these libraries to protect key material.
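The constant-time select pattern described above, as an added example that is not Mbed TLS or TF-PSA-Crypto code: select_naive shows the ternary form whose IR select a pass like select-optimize may rewrite as a branch, and the mask-based helpers show the branch-free form, applied to a PKCS#7-style CBC padding check. The volatile read in ct_mask is an assumed laundering step, and the sample blocks are constructed.

```c
#include <stddef.h>
#include <stdint.h>

/* Added example, not Mbed TLS code. The ternary in select_naive lowers to an
 * IR "select" that LLVM's select-optimize pass may turn into a conditional
 * branch, so its timing can depend on c. The mask helpers below leave no
 * select to rewrite; the volatile read in ct_mask is an assumed laundering
 * step that stops the compiler from reconstructing c as a condition. */
static uint32_t select_naive(uint32_t c, uint32_t a, uint32_t b) { return c ? a : b; }

/* All-ones if c != 0, all-zero if c == 0, built without a comparison. */
static uint32_t ct_mask(uint32_t c)
{
    volatile uint32_t v = c;
    uint32_t x = v;
    x |= x >> 16; x |= x >> 8; x |= x >> 4; x |= x >> 2; x |= x >> 1;
    return (uint32_t)(0u - (x & 1u));
}

/* Branch-free select: a if c != 0, otherwise b. */
static uint32_t ct_select(uint32_t c, uint32_t a, uint32_t b)
{
    uint32_t m = ct_mask(c);
    return (a & m) | (b & ~m);
}

/* All-ones iff x == y. */
static uint32_t ct_eq_mask(uint32_t x, uint32_t y) { return ~ct_mask(x ^ y); }

/* All-ones iff x < y; valid for x, y below 2^31, which holds for lengths here. */
static uint32_t ct_lt_mask(uint32_t x, uint32_t y) { return (uint32_t)(0u - ((x - y) >> 31)); }

/* PKCS#7-style CBC padding check: last byte p must be 1..len and the last p
 * bytes must all equal p. All len bytes are visited for every input (len is
 * public, the pad bytes are not), so only mask arithmetic touches the secret. */
static uint32_t ct_padding_ok(const uint8_t *buf, size_t len)
{
    uint32_t pad = buf[len - 1];
    uint32_t ok = ct_lt_mask(0, pad) & ct_lt_mask(pad, (uint32_t)len + 1);
    for (size_t i = 0; i < len; i++) {
        uint32_t in_pad = ct_lt_mask((uint32_t)i, pad);   /* is this byte part of the pad? */
        ok &= ~in_pad | ct_eq_mask(buf[len - 1 - i], pad); /* bytes outside the pad are ignored */
    }
    return ok & 1u;
}

/* Constructed sample blocks: valid pad of 4, corrupted pad, pad 0, pad > len. */
static const uint8_t kGoodPad[8] = {0x41, 0x42, 0x43, 0x44, 4, 4, 4, 4};
static const uint8_t kBadPad[8]  = {0x41, 0x42, 0x43, 0x44, 4, 3, 4, 4};
static const uint8_t kZeroPad[4] = {0x41, 0x42, 0x43, 0};
static const uint8_t kOverPad[4] = {0x41, 0x42, 0x43, 5};
```

Both select forms return the same values; the difference the advisory is about is only visible in the generated machine code, so a build that matters should be checked at the assembly level rather than by functional tests.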

Remediation (AI)

Upgrade Mbed TLS to a patched version released after 4.0.0 and upgrade TF-PSA-Crypto to a patched version released after 1.0.0. Consult the official release pages (https://github.com/Mbed-TLS/mbedtls/releases and https://github.com/Mbed-TLS/TF-PSA-Crypto/releases) for exact patched version numbers. As an interim mitigation, disable LLVM's select-optimize feature during compilation by avoiding aggressive optimization flags or explicitly disabling select-optimize in build configurations. For applications where recompilation is impractical, review whether select-optimize is actually enabled in the current build (it is not enabled by default); if not, the system is unaffected. Verify patched versions have been released by checking the Mbed TLS security advisory at https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-compiler-induced-constant-time-violations/.

Vendor Status (Vendor)


CVE-2025-66442 vulnerability details – vuln.today
