Lucene search

Gentoo FoundationMGASA-2022-0415

HistoryNov 08, 2022 - 10:44 p.m.

Updated mbedtls packages fix security vulnerability

2022-11-0822:44:28

Gentoo Foundation

advisories.mageia.org

mbedtls

security vulnerability

buffer overread

dtls servers

remote host

information disclosure

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

EPSS

0.001

Percentile

48.7%

JSON

An unauthenticated remote host could send an invalid ClientHello message in which the declared length of the cookie extends past the end of the message. A DTLS server with MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled would read past the end of the message up to the declared length of the cookie. This could cause a buffer overread of up to 255 bytes on the heap in vulnerable DTLS servers, which may lead to a crash or to information disclosure via the cookie check function (CVE-2022-35409). This issue has been patched, backporting a fix from upstream’s 2.28.0 release.

OSVersionArchitecturePackageVersionFilename
Mageia8noarchmbedtls< 2.16.12-1.1mbedtls-2.16.12-1.1.mga8

OS	Version	Architecture	Package	Version	Filename
Mageia	8	noarch	mbedtls	< 2.16.12-1.1	mbedtls-2.16.12-1.1.mga8

References

bugs.mageia.org/show_bug.cgi?id=31058

github.com/Mbed-TLS/mbedtls/commit/e5af9fabf7d68e3807b6ea78792794b8352dbba2

mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/mbedtls-security-advisory-2022-07/

CVSS3

9.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

EPSS

0.001

Percentile

48.7%

JSON

Related for MGASA-2022-0415