ARM mbed TLS prior to 1.3.22, prior to 2.1.10, and prior to 2.7.0 allows remote malicious users to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
arm mbed tls |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |