Lucene search
GoogleOSV:CVE-2021-45450HistoryDec 21, 2021 - 7:15 a.m.
CVE-2021-45450
2021-12-2107:15:06
Google
osv.dev
10
mbed tls
psa_cipher
vulnerability
policy bypass
oracle-based decryption
untrusted application.
In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv and psa_cipher_encrypt allow policy bypass or oracle-based decryption when the output buffer is at memory locations accessible to an untrusted application.
References
github.com/ARMmbed/mbedtls/releases/tag/v2.28.0
github.com/ARMmbed/mbedtls/releases/tag/v3.1.0
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IL66WKJGXY5AXMTFE7QDMGL3RIBD6PX5/
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TALJHOYAYSUJTLN6BYGLO4YJGNZUY74W/
security.gentoo.org/glsa/202301-08
Related
cvelist
cvelist
CVE-2021-45450
2021-12-21 00:00:00
ubuntucve
ubuntucve
CVE-2021-45450
2021-12-21 00:00:00
debiancve
debiancve
CVE-2021-45450
2021-12-21 07:15:06
cve
cve
CVE-2021-45450
2021-12-21 07:15:06
nvd
nvd
CVE-2021-45450
2021-12-21 07:15:06
prion
prion
Buffer overflow
2021-12-21 07:15:00
osv
osv
libmbedcrypto7-2.28.0-1.1 on GA media
2024-06-15 00:00:00
fedora
fedora
[SECURITY] Fedora 37 Update: mbedtls-2.28.1-1.fc37
2022-11-10 22:50:41
[SECURITY] Fedora 36 Update: mbedtls-2.28.1-1.fc36
2022-10-30 21:00:35
openvas
openvas
Fedora: Security Advisory for mbedtls (FEDORA-2022-1dd9dc5140)
2022-11-11 00:00:00
Fedora: Security Advisory for mbedtls (FEDORA-2022-ff582c5b0d)
2022-10-31 00:00:00
nessus
nessus
Fedora 36 : mbedtls (2022-ff582c5b0d)
2022-12-22 00:00:00
GLSA-202301-08 : Mbed TLS: Multiple Vulnerabilities
2023-01-11 00:00:00
gentoo
gentoo
Mbed TLS: Multiple Vulnerabilities
2023-01-11 00:00:00