CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 1CVE-2022-35409
https://notcve.org/view.php?id=CVE-2022-35409
An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function. Se ha descubierto un problema en Mbed TLS antes de la versión 2.28.1 y 3.x antes de la 3.2.0. • https://github.com/Mbed-TLS/mbedtls/releases https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html https://mbed-tls.readthedocs.io/en/latest/security-advisories/advisories/mbedtls-security-advisory-2022-07.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2021-27433 – ARM mbed-ualloc memory library Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2021-27433
ARM mbed-ualloc memory library version 1.3.0 is vulnerable to integer wrap-around in function mbed_krbs, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. ARM mbed-ualloc memory library versión 1.3.0, es vulnerable a una envoltura de enteros en la función mbed_krbs, que puede conllevar a una asignación de memoria arbitraria, resultando en un comportamiento no esperado como un bloqueo o una inyección/ejecución de código remota • https://github.com/ARMmbed/mbed-os/pull/14408 https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04 • CWE-190: Integer Overflow or Wraparound •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-2021-27435 – ARM mbed Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2021-27435
ARM mbed product Version 6.3.0 is vulnerable to integer wrap-around in malloc_wrapper function, which can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution. ARM mbed product versión 6.3.0, es vulnerable a una envoltura de enteros en la función "malloc_wrapper", que puede conllevar a una asignación de memoria arbitraria, resultando en un comportamiento no esperado como un bloqueo o una inyección/ejecución de código remota • https://github.com/ARMmbed/mbed-os/pull/14408 https://www.cisa.gov/uscert/ics/advisories/icsa-21-119-04 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 1CVE-2021-43666
https://notcve.org/view.php?id=CVE-2021-43666
A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0. Se presenta una vulnerabilidad de denegación de servicio en mbed TLS 3.0.0 y anteriores, en la función mbedtls_pkcs12_derivation cuando la longitud de una contraseña de entrada es 0 • https://github.com/ARMmbed/mbedtls/issues/5136 https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-45450
https://notcve.org/view.php?id=CVE-2021-45450
In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application. En Mbed TLS versiones anteriores a 2.28.0 y 3.x versiones anteriores a 3.1.0, las funciones psa_cipher_generate_iv y psa_cipher_encrypt permiten omitir la política o el descifrado basado en oráculos cuando el búfer de salida es encontrado en ubicaciones de memoria accesibles para una aplicación no confiable • https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0 https://github.com/ARMmbed/mbedtls/releases/tag/v3.1.0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IL66WKJGXY5AXMTFE7QDMGL3RIBD6PX5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TALJHOYAYSUJTLN6BYGLO4YJGNZUY74W https://security.gentoo.org/glsa/202301-08 • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •