All errata/p11/ALT-PU-2025-4727-2
ALT-PU-2025-4727-2

Package update mbedtls in branch p11

Version3.6.3-alt1
Task#379173
Published2025-04-09
Max severityCRITICAL
Severity:

Closed issues (5)

BDU:2024-07428
MEDIUM5.1

Уязвимость программного обеспечения Mbed TLS, связанная с использованием неисправного или рискованного криптографического алгоритма, позволяющая нарушителю раскрыть защищаемую информацию

Published: 2024-09-24
CVSS 3.xMEDIUM 5.1
CVSS:3.x/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
CVSS 2.0MEDIUM 4.0
CVSS:2.0/AV:L/AC:H/Au:N/C:C/I:N/A:N
References
CVE-2024-45157
MEDIUM5.1

An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG and MBEDTLS_CTR_DRBG_C are disabled.

Published: 2024-09-05Modified: 2025-03-14
CVSS 3.xMEDIUM 5.1
CVSS:3.x/CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
References
CVE-2024-45159
CRITICAL9.8

An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in if keyUsage or extKeyUsage extensions, then the return value of mbedtls_ssl_get_verify_result() would incorrectly have the MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_KEY_USAGE bits clear. As a result, an attacker that had a certificate valid for uses other than TLS client authentication would nonetheless be able to use it for TLS client authentication. Only TLS 1.3 servers were affected, and only with optional authentication (with required authentication, the handshake would be aborted with a fatal alert).

Published: 2024-09-05Modified: 2025-03-13
CVSS 3.xCRITICAL 9.8
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
References
CVE-2025-27809
MEDIUM5.4

Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side, accepts servers that have trusted certificates for arbitrary hostnames unless the TLS client application calls mbedtls_ssl_set_hostname.

Published: 2025-03-25Modified: 2025-07-17
CVSS 3.xMEDIUM 5.4
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N
References
CVE-2025-27810
MEDIUM4.8

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays.

Published: 2025-03-25Modified: 2025-10-30
CVSS 3.xMEDIUM 4.8
CVSS:3.x/CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N
References