mbedtls/ChangeLog.d/buf-overread-use-psa-static-ecdh.txt at 32a38dfec586f5b721592b46d4f4a21da99c082e - yuzu-mirror/mbedtls - Forgejo: Beyond coding. We forge.

yuzu-mirror/mbedtls

mirror of https://github.com/yuzu-mirror/mbedtls.git synced 2026-04-20 22:05:15 +00:00

Manuel Pégourié-Gonnard 32a38dfec5 Add ChangeLog for potential overread with USE_PSA

The issue was fixed while adding support for static ECDH with Opaque
keys: https://github.com/Mbed-TLS/mbedtls/pull/5624

This is just adding the ChangeLog entry for that fix.

Signed-off-by: Manuel Pégourié-Gonnard <manuel.pegourie-gonnard@arm.com>

2022-06-20 21:12:29 +02:00

7 lines

339 B

Text

Raw Blame History

 Security
    * Fix a potential heap buffer overread in TLS 1.2 server-side when
      MBEDTLS_USE_PSA_CRYPTO is enabled, an opaque key (created with
      mbedtls_pk_setup_opaque()) is provisioned, and a static ECDH ciphersuite
      is selected. This may result in an application crash. No path to
      information leak has been identified.