An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. (This never happens in internal library calls, but can affect applications that call these functions directly.)
History

Mon, 25 Nov 2024 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Mbed
Mbed mbedtls
CPEs cpe:2.3:a:mbed-tls:mbedtls:*:*:*:*:*:*:*:* cpe:2.3:a:mbed:mbedtls:*:*:*:*:*:*:*:*
Vendors & Products Mbed-tls
Mbed-tls mbedtls
Mbed
Mbed mbedtls

Fri, 06 Sep 2024 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Mbed-tls
Mbed-tls mbedtls
Weaknesses CWE-121
CPEs cpe:2.3:a:mbed-tls:mbedtls:*:*:*:*:*:*:*:*
Vendors & Products Mbed-tls
Mbed-tls mbedtls
Metrics cvssV3_1

{'score': 9.8, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Thu, 05 Sep 2024 18:45:00 +0000

Type Values Removed Values Added
Description An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. (This never happens in internal library calls, but can affect applications that call these functions directly.)
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-09-05T00:00:00

Updated: 2024-11-25T20:54:01.597Z

Reserved: 2024-08-22T00:00:00

Link: CVE-2024-45158

cve-icon Vulnrichment

Updated: 2024-09-06T18:20:50.581Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-09-05T19:15:13.057

Modified: 2024-09-06T19:35:26.390

Link: CVE-2024-45158

cve-icon Redhat

No data.