diff options
| author |   Stefan Ghinea <stefan.ghinea@windriver.com> | 2023-01-26 23:07:40 +0200 |
|---|---|---|
| committer |   Khem Raj <raj.khem@gmail.com> | 2023-01-26 13:16:34 -0800 |
| commit | 2ab113e8be42ae2dd61babb8e9a1742684df1f59 (patch) | |
| tree | c748522bacd8660215ae92d9fd21c524201c06d0 /meta-oe | |
| parent | 91129b0c94124fa4042521d590dd6b9b1245f78e (diff) | |
| download | meta-openembedded-contrib-2ab113e8be42ae2dd61babb8e9a1742684df1f59.tar.gz | |
mbedtls: upgrade to 2.28.2 to fix CVE-2022-46392, CVE-2022-46393
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0.
An adversary with access to precise enough information about memory
accesses (typically, an untrusted operating system attacking a secure
enclave) can recover an RSA private key after observing the victim
performing a single private-key operation, if the window size
(MBEDTLS_MPI_WINDOW_SIZE) used for the exponentiation is 3 or smaller.
An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0.
There is a potential heap-based buffer overflow and heap-based buffer
over-read in DTLS if MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and
MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX.
References:
https://nvd.nist.gov/vuln/detail/CVE-2022-46392
https://nvd.nist.gov/vuln/detail/CVE-2022-46393
Upstream patches:
https://github.com/Mbed-TLS/mbedtls/releases/tag/v2.28.2
Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Diffstat (limited to 'meta-oe')
0 files changed, 0 insertions, 0 deletions