14 matches found
JLSEC-2025-211 An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS)
An issue was discovered in Mbed TLS before 2.24.0 and before 2.16.8 LTS and before 2.7.17 LTS. There is missing zeroization of plaintext buffers in mbedtlssslread to erase unused application data from memory...
EUVD-2020-23962
Malware in sbrugna...
An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). There is missing zeroization of plaintext buffers in mbedtls_ssl_read to erase unused application data from memory.
...
Linux Distros Unpatched Vulnerability : CVE-2020-36476
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in Mbed TLS before 2.24.0 and before 2.16.8 LTS and before 2.7.17 LTS. There is missing zeroization of plaintext buffers in mbedtlssslre...
UBUNTU-CVE-2023-52767
In the Linux kernel, the following vulnerability has been resolved: tls: fix NULL deref on tlsswspliceeof with empty record syzkaller discovered that if tlsswspliceeof is executed as part of sendfile when the plaintext/ciphertext skmsg are empty, the send path gets confused because the empty...
SUSE CVE-2020-36476
An issue was discovered in Mbed TLS before 2.24.0 and before 2.16.8 LTS and before 2.7.17 LTS. There is missing zeroization of plaintext buffers in mbedtlssslread to erase unused application data from memory...
CVE-2020-36476
An issue was discovered in Mbed TLS before 2.24.0 and before 2.16.8 LTS and before 2.7.17 LTS. There is missing zeroization of plaintext buffers in mbedtlssslread to erase unused application data from memory...
CVE-2020-36476
An issue was discovered in Mbed TLS before 2.24.0 and before 2.16.8 LTS and before 2.7.17 LTS. There is missing zeroization of plaintext buffers in mbedtlssslread to erase unused application data from memory...
DEBIAN-CVE-2020-36476
An issue was discovered in Mbed TLS before 2.24.0 and before 2.16.8 LTS and before 2.7.17 LTS. There is missing zeroization of plaintext buffers in mbedtlssslread to erase unused application data from memory...
CVE-2020-36476
An issue was discovered in Mbed TLS before 2.24.0 and before 2.16.8 LTS and before 2.7.17 LTS. There is missing zeroization of plaintext buffers in mbedtlssslread to erase unused application data from memory...
UBUNTU-CVE-2020-36476
An issue was discovered in Mbed TLS before 2.24.0 and before 2.16.8 LTS and before 2.7.17 LTS. There is missing zeroization of plaintext buffers in mbedtlssslread to erase unused application data from memory...
CVE-2020-36476
An issue was discovered in Mbed TLS before 2.24.0 and before 2.16.8 LTS and before 2.7.17 LTS. There is missing zeroization of plaintext buffers in mbedtlssslread to erase unused application data from memory...
CVE-2020-36476
CVE-2020-36476 affects Mbed TLS before 2.24.0 (and before 2.16.8 LTS and before 2.7.17 LTS). The issue is a missing zeroization of plaintext buffers in the TLS code path (mbedtls_ssl_read), which leaves unused application data in memory. Exploitation would rely on memory exposure and could enable...
PT-2021-6687 · Mbed Tls +2 · Mbed Tls +2
Name of the Vulnerable Software and Affected Versions: Mbed TLS versions prior to 2.24.0 Mbed TLS versions prior to 2.16.8 LTS Mbed TLS versions prior to 2.7.17 LTS Description: The issue is related to the missing zeroization of plaintext buffers in the mbedtls ssl read function, which fails to...