CVE-2015-8036

2015-11-0219:59:16

CWE-119

mitre

web.nvd.nist.gov

cve-2015-8036

heap-based buffer overflow

arm

mbed tls

polarssl

ssl servers

denial of service

arbitrary code

session ticket

nvd

CVSS2

6.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

AI Score

Confidence

Low

EPSS

0.011

Percentile

84.4%

JSON

Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long session ticket name to the session ticket extension, which is not properly handled when creating a ClientHello message to resume a session. NOTE: this identifier was SPLIT from CVE-2015-5291 per ADT3 due to different affected version ranges.

Affected configurations

Nvd

Node

armmbed_tlsRange1.3.0–1.3.14

armmbed_tlsRange2.0.0–2.1.2

polarsslpolarsslRange≤1.2.17

Node

debiandebian_linuxMatch7.0

debiandebian_linuxMatch8.0

fedoraprojectfedoraMatch21

opensuseopensuseMatch13.2

VendorProductVersionCPE
armmbed_tls*cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*
polarsslpolarssl*cpe:2.3:a:polarssl:polarssl:*:*:*:*:*:*:*:*
debiandebian_linux7.0cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
debiandebian_linux8.0cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
fedoraprojectfedora21cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
opensuseopensuse13.2cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
arm	mbed_tls	*	cpe:2.3:a:arm:mbed_tls::::::::
polarssl	polarssl	*	cpe:2.3:a:polarssl:polarssl::::::::
debian	debian_linux	7.0	cpe:2.3:o:debian:debian_linux:7.0:::::::*
debian	debian_linux	8.0	cpe:2.3:o:debian:debian_linux:8.0:::::::*
fedoraproject	fedora	21	cpe:2.3:o:fedoraproject:fedora:21:::::::*
opensuse	opensuse	13.2	cpe:2.3:o:opensuse:opensuse:13.2:::::::*