CVE-2021-45451
https://notcve.org/view.php?id=CVE-2021-45451
In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application. En Mbed TLS versiones anteriores a 3.1.0, la función psa_aead_generate_nonce permite omitir la política o el descifrado basado en oráculos cuando el búfer de salida es encontrada en ubicaciones de memoria accesibles para una aplicación no confiable • https://github.com/ARMmbed/mbedtls/releases/tag/v3.1.0 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IL66WKJGXY5AXMTFE7QDMGL3RIBD6PX5 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TALJHOYAYSUJTLN6BYGLO4YJGNZUY74W • CWE-327: Use of a Broken or Risky Cryptographic Algorithm •
CVE-2021-44732
https://notcve.org/view.php?id=CVE-2021-44732
Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure. Mbed TLS versiones anteriores a 3.0.1,presenta una doble liberación en determinadas condiciones de salida de memoria, como es demostrado por un fallo de la función mbedtls_ssl_set_session() • https://bugs.gentoo.org/829660 https://github.com/ARMmbed/mbedtls/releases https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.12 https://github.com/ARMmbed/mbedtls/releases/tag/v2.28.0 https://github.com/ARMmbed/mbedtls/releases/tag/v3.1.0 https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2021-12 • CWE-415: Double Free •
CVE-2020-36475
https://notcve.org/view.php?id=CVE-2020-36475
An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 LTS and before 2.7.18 LTS). The calculations performed by mbedtls_mpi_exp_mod are not limited; thus, supplying overly large parameters could lead to denial of service when generating Diffie-Hellman key pairs. Se ha detectado un problema en Mbed TLS versiones anteriores a 2.25.0 (y versiones anteriores a 2.16.9 LTS y versiones anteriores a 2.7.18 LTS). Los cálculos llevado a cabo por la función mbedtls_mpi_exp_mod no están limitados; por lo tanto, el suministro de parámetros demasiado grandes podría conllevar a una denegación de servicio cuando se generan pares de claves Diffie-Hellman. • https://cert-portal.siemens.com/productcert/pdf/ssa-756638.pdf https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.9 https://github.com/ARMmbed/mbedtls/releases/tag/v2.25.0 https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.18 https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html • CWE-131: Incorrect Calculation of Buffer Size •
CVE-2020-36476
https://notcve.org/view.php?id=CVE-2020-36476
An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory. Se ha detectado un problema en Mbed TLS versiones anteriores a 2.24.0 (y versiones anteriores a 2.16.8 LTS y versiones anteriores a 2.7.17 LTS). Falta la puesta a cero de los búferes de texto plano en la función mbedtls_ssl_read para borrar de la memoria los datos no usados de la aplicación. • https://github.com/ARMmbed/mbedtls/releases/tag/v2.16.8 https://github.com/ARMmbed/mbedtls/releases/tag/v2.24.0 https://github.com/ARMmbed/mbedtls/releases/tag/v2.7.17 https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html https://lists.debian.org/debian-lts-announce/2022/12/msg00036.html • CWE-212: Improper Removal of Sensitive Information Before Storage or Transfer •
CVE-2020-36477
https://notcve.org/view.php?id=CVE-2020-36477
An issue was discovered in Mbed TLS before 2.24.0. The verification of X.509 certificates when matching the expected common name (the cn argument of mbedtls_x509_crt_verify) with the actual certificate name is mishandled: when the subjecAltName extension is present, the expected name is compared to any name in that extension regardless of its type. This means that an attacker could impersonate a 4-byte or 16-byte domain by getting a certificate for the corresponding IPv4 or IPv6 address (this would require the attacker to control that IP address, though). Se ha detectado un problema en Mbed TLS versiones anteriores a 2.24.0. La comprobación de los certificados X.509 cuando se compara el nombre común esperado (el argumento cn de la función mbedtls_x509_crt_verify) con el nombre real del certificado es manejado inapropiadamente: cuando la extensión subjecAltName está presente, el nombre esperado es comparado con cualquier nombre de esa extensión independientemente de su tipo. • https://github.com/ARMmbed/mbedtls/issues/3498 https://github.com/ARMmbed/mbedtls/releases/tag/v2.24.0 https://security.gentoo.org/glsa/202301-08 • CWE-295: Improper Certificate Validation •