3 matches found
SUSE CVE-2018-9989
ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in sslparseserverpskhint that could cause a crash on invalid input...
FreeBSD : mbed TLS (PolarSSL) -- multiple vulnerabilities (d8382a69-4728-11e8-ba83-0011d823eebd)
Simon Butcher reports : - Defend against Bellcore glitch attacks by verifying the results of RSA private key operations. - Fix implementation of the truncated HMAC extension. The previous implementation allowed an offline 2^80 brute-force attack on the HMAC key of a single, uninterrupted connecti...
DEBIAN-CVE-2018-9989
ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in sslparseserverpskhint that could cause a crash on invalid input...