Critical Infrastructure Sectors: Critical Manufacturing
An issue exists in Mbed TLS prior to 2.28.2 and 3.x prior to 3.3.0. There is a potential heap-based buffer overflow and heap-based buffer over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
arm mbed tls |
||
fedoraproject fedora 36 |
||
fedoraproject fedora 37 |