CVE-2022-35409

2022-07-1514:15:00

Alpine Linux Development Team

security.alpinelinux.org

9.1 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H

6.4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:N/A:P

0.001 Low

EPSS

Percentile

47.9%

JSON

An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function.

OSVersionArchitecturePackageVersionFilename
Alpineedge-communitynoarchmbedtls2< 2.28.1-r0UNKNOWN
Alpineedge-mainnoarchmbedtls< 2.28.1-r0UNKNOWN
Alpine3.16-mainnoarchmbedtls< 2.28.1-r0UNKNOWN
Alpine3.17-mainnoarchmbedtls< 2.28.1-r0UNKNOWN
Alpine3.18-mainnoarchmbedtls< 2.28.1-r0UNKNOWN
Alpine3.19-mainnoarchmbedtls< 2.28.1-r0UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Alpine	edge-community	noarch	mbedtls2	< 2.28.1-r0	UNKNOWN
Alpine	edge-main	noarch	mbedtls	< 2.28.1-r0	UNKNOWN
Alpine	3.16-main	noarch	mbedtls	< 2.28.1-r0	UNKNOWN
Alpine	3.17-main	noarch	mbedtls	< 2.28.1-r0	UNKNOWN
Alpine	3.18-main	noarch	mbedtls	< 2.28.1-r0	UNKNOWN
Alpine	3.19-main	noarch	mbedtls	< 2.28.1-r0	UNKNOWN