CVE-2018-9988
https://notcve.org/view.php?id=CVE-2018-9988
ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input. ARM mbed TLS, en versiones anteriores a la 2.1.11, anteriores a la 2.7.2 y anteriores a la 2.8.0, tiene una sobrelectura de búfer en ssl_parse_server_key_exchange() que podría provocar un cierre inesperado o una entrada no válida. • https://github.com/ARMmbed/mbedtls/commit/027f84c69f4ef30c0693832a6c396ef19e563ca1 https://github.com/ARMmbed/mbedtls/commit/a1098f81c252b317ad34ea978aea2bc47760b215 https://lists.debian.org/debian-lts-announce/2018/09/msg00029.html https://lists.debian.org/debian-lts-announce/2021/11/msg00021.html https://tls.mbed.org/tech-updates/releases/mbedtls-2.8.0-2.7.2-and-2.1.11-released • CWE-125: Out-of-bounds Read •
CVE-2017-18187
https://notcve.org/view.php?id=CVE-2017-18187
In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c. En ARM mbed TLS, en versiones anteriores a la 2.7.0, hay una omisión de comprobación de límites mediante un desbordamiento de enteros en el análisis de identidad PSK en la función ssl_parse_client_psk_identity() en library/ssl_srv.c. • http://www.securityfocus.com/bid/103055 https://github.com/ARMmbed/mbedtls/blob/master/ChangeLog https://github.com/ARMmbed/mbedtls/commit/83c9f495ffe70c7dd280b41fdfd4881485a3bc28 https://security.gentoo.org/glsa/201804-19 https://usn.ubuntu.com/4267-1 https://www.debian.org/security/2018/dsa-4138 https://www.debian.org/security/2018/dsa-4147 • CWE-190: Integer Overflow or Wraparound •
CVE-2018-0487
https://notcve.org/view.php?id=CVE-2018-0487
ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session. ARM mbed TLS, en versiones anteriores a la 1.3.22, a la 2.1.10 y a la 2.7.0, permite que atacantes remotos ejecuten código arbitrario o provoquen una denegación de servicio (desbordamiento de búfer) mediante una cadena de certificados manipulada que se gestiona de manera incorrecta durante la verificación de firmas RSASSA-PSS en una sesión TLS o DTLS. • http://www.securityfocus.com/bid/103056 https://security.gentoo.org/glsa/201804-19 https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01 https://usn.ubuntu.com/4267-1 https://www.debian.org/security/2018/dsa-4138 https://www.debian.org/security/2018/dsa-4147 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2018-0488
https://notcve.org/view.php?id=CVE-2018-0488
ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS session. ARM mbed TLS, en versiones anteriores a la 1.3.22, a la 2.1.10 y a la 2.7.0, cuando se usan las extensiones truncadas HMAC y CBC, permite que atacantes remotos ejecuten código arbitrario o provoquen una denegación de servicio (corrupción de memoria dinámica o heap) mediante un paquete de aplicación manipulado en una sesión TLS o DTLS. • http://www.securityfocus.com/bid/103057 https://security.gentoo.org/glsa/201804-19 https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01 https://usn.ubuntu.com/4267-1 https://www.debian.org/security/2018/dsa-4138 https://www.debian.org/security/2018/dsa-4147 • CWE-787: Out-of-bounds Write •
CVE-2017-14032
https://notcve.org/view.php?id=CVE-2017-14032
ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentication is configured, allows remote attackers to bypass peer authentication via an X.509 certificate chain with many intermediates. NOTE: although mbed TLS was formerly known as PolarSSL, the releases shipped with the PolarSSL name are not affected. ARM mbed TLS en versiones anteriores a la 1.3.21 y en versiones 2.x anteriores a la 2.1.9, si se configura la autenticación opcional, permite a los atacantes omitir la autenticación Peer mediante una cadena de certificados X.509 con muchos intermediarios. NOTA: aunque mbed TLS se conocía antes como PolarSSL, las versiones lanzadas con el nombre PolarSSL no están afectadas. • http://www.debian.org/security/2017/dsa-3967 https://bugs.debian.org/873557 https://github.com/ARMmbed/mbedtls/commit/31458a18788b0cf0b722acda9bb2f2fe13a3fb32 https://github.com/ARMmbed/mbedtls/commit/d15795acd5074e0b44e71f7ede8bdfe1b48591fc https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-02 • CWE-287: Improper Authentication •