ROS-20240503-04

A vulnerability in the mbedtlsx509setextension function of the Mbed TLS software is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of denial of service A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto...

ROS-20240503-13

A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto software is related to a insufficient spatial separation. Exploitation of the vulnerability could allow an attacker to have an impact the confidentiality, integrity, and availability of data Vulnerability in the...

ROS-20240503-16

A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto software is related to a insufficient spatial separation. Exploitation of the vulnerability could allow an attacker to have an impact the confidentiality, integrity, and availability of data Vulnerability in the...

ROS-20240503-15

A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto software is related to a insufficient spatial separation. Exploitation of the vulnerability could allow an attacker to have an impact the confidentiality, integrity, and availability of data Vulnerability in the...

ROS-20240503-14

A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto software is related to a insufficient spatial separation. Exploitation of the vulnerability could allow an attacker to have an impact the confidentiality, integrity, and availability of data Vulnerability in the...

ROS-20240503-17

A vulnerability in the PSA Crypto API of the Mbed TLS and Mbed Crypto software is related to a insufficient spatial separation. Exploitation of the vulnerability could allow an attacker to have an impact the confidentiality, integrity, and availability of data Vulnerability in the...

Mageia: Security Advisory (MGASA-2024-0146)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

MGASA-2024-0146 Updated mbedtls packages fix security vulnerability

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory. CVE-2024-28960...

Fedora 39 : mbedtls (2024-666210bd74)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-666210bd74 advisory. - Update to 2.28.8 Release notes: https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.8 Tenable has extracted the preceding description block...

Sensitive Information Disclosure

libmbedtls.so is vulnerable to Sensitive Information Disclosure. The vulnerability is due to inadequate handling of shared memory within the PSA Crypto API, potentially leading to information disclosure...

CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...

CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...

CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...

CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...

CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...

CVE-2024-28960

CVE-2024-28960 affects Mbed TLS 2.18.0–2.28.x (before 2.28.8) and Mbed TLS 3.x (before 3.6.0), and Mbed Crypto. The PSA Crypto API mishandles shared memory. Reported impact: high confidentiality impact, low integrity impact; exploitation context is not detailed in the provided documents. Public f...

CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...

CVE-2024-28960

An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory...

PT-2024-2509 · Arm +3 · Mbed Crypto +4

Name of the Vulnerable Software and Affected Versions: Mbed TLS versions 2.18.0 through 2.28.x before 2.28.8 Mbed TLS versions 3.x before 3.6.0 Mbed Crypto affected versions not specified Description: The PSA Crypto API in Mbed TLS and Mbed Crypto mishandles shared memory, which can be exploited ...