Page 2 of 25 results (0.002 seconds)

CVSS: 9.8EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. Se descubrió un problema en Mbed TLS anterior a 2.28.2 y 3.x anterior a 3.3.0. Existe un posible desbordamiento de búfer de almacenamiento dinámico y una sobrelectura de búfer de almacenamiento dinámico en DTLS si MBEDTLS_SSL_DTLS_CONNECTION_ID está habilitado y MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. • https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2 https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.3.0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4BR7ZCVKLPGCOEEALUHZMFHXQHR6S4QL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XMKJ5IMJEPXYAHHU56Z4P2FSYIEAESB https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories • CWE-125: Out-of-bounds Read CWE-787: Out-of-bounds Write •

CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0

An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0. An adversary with access to precise enough information about memory accesses (typically, an untrusted operating system attacking a secure enclave) can recover an RSA private key after observing the victim performing a single private-key operation, if the window size (MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller. Se descubrió un problema en Mbed TLS anterior a 2.28.2 y 3.x anterior a 3.3.0. Un adversario con acceso a información suficientemente precisa sobre los accesos a la memoria (normalmente, un sistema operativo no confiable que ataca un enclave seguro) puede recuperar una clave privada RSA después de observar a la víctima realizando una única operación con clave privada, si el tamaño de la ventana (MBEDTLS_MPI_WINDOW_SIZE) utilizada para la exponenciación es 3 o menor. • https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2 https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.3.0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4BR7ZCVKLPGCOEEALUHZMFHXQHR6S4QL https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6XMKJ5IMJEPXYAHHU56Z4P2FSYIEAESB • CWE-203: Observable Discrepancy •

CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 1

An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function. Se ha descubierto un problema en Mbed TLS antes de la versión 2.28.1 y 3.x antes de la 3.2.0. • https://github.com/Mbed-TLS/mbedtls/releases https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html https://mbed-tls.readthedocs.io/en/latest/security-advisories/advisories/mbedtls-security-advisory-2022-07.html • CWE-125: Out-of-bounds Read •

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1

A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0. Se presenta una vulnerabilidad de denegación de servicio en mbed TLS 3.0.0 y anteriores, en la función mbedtls_pkcs12_derivation cuando la longitud de una contraseña de entrada es 0 • https://github.com/ARMmbed/mbedtls/issues/5136 https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html •

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application. En Mbed TLS versiones anteriores a 3.1.0, la función psa_aead_generate_nonce permite omitir la política o el descifrado basado en oráculos cuando el búfer de salida es encontrada en ubicaciones de memoria accesibles para una aplicación no confiable • https://github.com/ARMmbed/mbedtls/releases/tag/v3.1.0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IL66WKJGXY5AXMTFE7QDMGL3RIBD6PX5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TALJHOYAYSUJTLN6BYGLO4YJGNZUY74W • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •