Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2024-28960HistoryMar 29, 2024 - 6:15 a.m.
CVE-2024-28960
2024-03-2906:15:07
Debian Security Bug Tracker
security-tracker.debian.org
8
psa crypto api
unix
cve-2024-28960
security vulnerability
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
AI Score
7.1
Confidence
Low
EPSS
0
Percentile
15.5%
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | mbedtls | <= 2.28.3-1 | mbedtls_2.28.3-1_all.deb |
| Debian | 11 | all | mbedtls | <= 2.16.9-0.1 | mbedtls_2.16.9-0.1_all.deb |
| Debian | 999 | all | mbedtls | < 2.28.8-1 | mbedtls_2.28.8-1_all.deb |
| Debian | 13 | all | mbedtls | < 2.28.8-1 | mbedtls_2.28.8-1_all.deb |
Related
fedora
fedora
[SECURITY] Fedora 38 Update: mbedtls-2.28.8-1.fc38
2024-04-17 02:11:52
[SECURITY] Fedora 39 Update: mbedtls-2.28.8-1.fc39
2024-04-17 02:19:23
[SECURITY] Fedora 40 Update: mbedtls-2.28.8-1.fc40
2024-04-19 21:40:27
ubuntucve
ubuntucve
CVE-2024-28960
2024-03-29 00:00:00
cve
cve
CVE-2024-28960
2024-03-29 06:15:07
osv
osv
libmbedcrypto7-2.28.8-1.1 on GA media
2024-06-15 00:00:00
CVE-2024-28960
2024-03-29 06:15:07
nvd
nvd
CVE-2024-28960
2024-03-29 06:15:07
alpinelinux
alpinelinux
CVE-2024-28960
2024-03-29 06:15:07
veracode
veracode
Sensitive Information Disclosure
2024-04-03 12:15:11
cvelist
cvelist
CVE-2024-28960
2024-03-29 00:00:00
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-a23b5f0783)
2024-05-27 00:00:00
Fedora: Security Advisory for mbedtls (FEDORA-2024-1249d56928)
2024-05-27 00:00:00
Mageia: Security Advisory (MGASA-2024-0146)
2024-04-26 00:00:00
nessus
nessus
Fedora 38 : mbedtls (2024-1249d56928)
2024-04-17 00:00:00
Fedora 40 : mbedtls (2024-a23b5f0783)
2024-04-29 00:00:00
Fedora 39 : mbedtls (2024-666210bd74)
2024-04-17 00:00:00
redhatcve
redhatcve
CVE-2024-28960
2024-03-29 09:31:10
mageia
mageia
Updated mbedtls packages fix security vulnerability
2024-04-25 19:00:30
vulnrichment
vulnrichment
CVE-2024-28960
2024-03-29 00:00:00
redos
redos
ROS-20240503-04
2024-05-03 00:00:00
CVSS3
8.2
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
AI Score
7.1
Confidence
Low
EPSS
0
Percentile
15.5%
Related for DEBIANCVE:CVE-2024-28960