Lucene search

K
redhatcveRedhat.comRH:CVE-2017-18187
HistoryMay 21, 2022 - 12:13 a.m.

CVE-2017-18187

2022-05-2100:13:31
redhat.com
access.redhat.com
12
arm
mbed tls
integer overflow
psk identity parsing
ssl_parse_client_psk_identity function

EPSS

0.012

Percentile

85.1%

In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c.