In ARM mbed TLS prior to 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
arm mbed tls |
||
debian debian linux 9.0 |
||
debian debian linux 8.0 |