ARM mbed TLS prior to 2.1.11, prior to 2.7.2, and prior to 2.8.0 has a buffer over-read in ssl_parse_server_key_exchange() that could cause a crash on invalid input.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
arm mbed tls |
||
arm mbed tls 2.8.0 |
||
debian debian linux 8.0 |
||
debian debian linux 9.0 |