Information on source package mbedtls

Available versions

| Release | Version |
|---|---|
| stretch | 2.4.2-1+deb9u4 |
| buster | 2.16.9-0~deb10u1 |
| bullseye | 2.16.9-0.1 |
| bookworm | 2.28.3-1 |
| trixie | 2.28.8-1 |
| sid | 3.6.2-3 |

Open issues

| Bug | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-49195 | vulnerable | fixed | fixed | fixed | vulnerable | fixed | Mbed TLS 3.5.x through 3.6.x before 3.6.2 has a buffer underrun in pkw ... |
| CVE-2024-45157 | vulnerable | fixed | vulnerable | vulnerable | vulnerable | vulnerable | An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1 ... |
| CVE-2024-28960 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28. ... |
| CVE-2024-28755 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable | fixed | An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When an SSL co ... |
| CVE-2024-23775 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x b ... |
| CVE-2024-23744 | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Mbed TLS 3.5.1. There is persistent handsha ... |
| CVE-2024-23170 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | An issue was discovered in Mbed TLS 2.x before 2.28.7 and 3.x before 3 ... |
| CVE-2023-52353 | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_sess ... |
| CVE-2022-46393 | vulnerable | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0 ... |
| CVE-2022-46392 | vulnerable | vulnerable (no DSA, postponed) | vulnerable (no DSA) | fixed | fixed | fixed | An issue was discovered in Mbed TLS before 2.28.2 and 3.x before 3.3.0 ... |
| CVE-2022-35409 | vulnerable | fixed | vulnerable (no DSA) | fixed | fixed | fixed | An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0 ... |
| CVE-2021-44732 | vulnerable | fixed | vulnerable (no DSA) | fixed | fixed | fixed | Mbed TLS before 3.0.1 has a double free in certain out-of-memory condi ... |
| CVE-2021-43666 | vulnerable | fixed | vulnerable (no DSA) | fixed | fixed | fixed | A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier ... |
| CVE-2021-36647 | vulnerable | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | Use of a Broken or Risky Cryptographic Algorithm in the function mbedt ... |
| CVE-2021-24119 | fixed | fixed | vulnerable (no DSA) | fixed | fixed | fixed | In Trusted Firmware Mbed TLS 2.24.0, a side-channel vulnerability in b ... |
| CVE-2020-36426 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Arm Mbed TLS before 2.24.0. mbedtls_x509_cr ... |
| CVE-2020-36425 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Arm Mbed TLS before 2.24.0. It incorrectly ... |
| CVE-2020-36424 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Arm Mbed TLS before 2.24.0. An attacker can ... |
| CVE-2020-36423 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attack ... |
| CVE-2020-36422 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Arm Mbed TLS before 2.23.0. A side channel ... |
| CVE-2020-36421 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Arm Mbed TLS before 2.23.0. Because of a si ... |
| CVE-2020-16150 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | A Lucky 13 timing side channel in mbedtls_ssl_decrypt_buf in library/s ... |
| CVE-2020-10941 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | Arm Mbed TLS before 2.16.5 allows attackers to obtain sensitive inform ... |
| CVE-2020-10932 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | An issue was discovered in Arm Mbed TLS before 2.16.6 and 2.7.x before ... |
| CVE-2019-18222 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | The ECDSA signature implementation in ecdsa.c in Arm Mbed Crypto 2.1 a ... |
| CVE-2019-16910 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | Arm Mbed TLS before 2.19.0 and Arm Mbed Crypto before 2.0.0, when dete ... |
| CVE-2018-19608 | vulnerable (no DSA) | fixed | fixed | fixed | fixed | fixed | Arm Mbed TLS before 2.14.1, before 2.7.8, and before 2.1.17 allows a l ... |

Open unimportant issues

| Bug | stretch | buster | bullseye | bookworm | trixie | sid | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-43615 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow. |
| CVE-2018-1000520 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows In ... |

Resolved issues

| Bug | Description |
|---|---|
| CVE-2024-45159 | An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, wh ... |
| CVE-2024-45158 | An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer o ... |
| CVE-2024-30166 | In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can c ... |
| CVE-2024-28836 | An issue was discovered in Mbed TLS 3.5.x before 3.6.0. When negotiati ... |
| CVE-2023-45199 | Mbed TLS 3.2.x through 3.4.x before 3.5 has a Buffer Overflow that can ... |
| CVE-2021-45451 | In Mbed TLS before 3.1.0, psa_aead_generate_nonce allows policy bypass ... |
| CVE-2021-45450 | In Mbed TLS before 2.28.0 and 3.x before 3.1.0, psa_cipher_generate_iv ... |
| CVE-2020-36478 | An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 L ... |
| CVE-2020-36477 | An issue was discovered in Mbed TLS before 2.24.0. The verification of ... |
| CVE-2020-36476 | An issue was discovered in Mbed TLS before 2.24.0 (and before 2.16.8 L ... |
| CVE-2020-36475 | An issue was discovered in Mbed TLS before 2.25.0 (and before 2.16.9 L ... |
| CVE-2018-9989 | ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffe ... |
| CVE-2018-9988 | ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffe ... |
| CVE-2018-0498 | ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows loc ... |
| CVE-2018-0497 | ARM mbed TLS before 2.12.0, before 2.7.5, and before 2.1.14 allows rem ... |
| CVE-2018-0488 | ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the ... |
| CVE-2018-0487 | ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows rem ... |
| CVE-2017-18187 | In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through a ... |
| CVE-2017-14032 | ARM mbed TLS before 1.3.21 and 2.x before 2.1.9, if optional authentic ... |
| CVE-2017-2784 | An exploitable free of a stack pointer vulnerability exists in the x50 ... |
| CVE-2015-8036 | Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x b ... |
| CVE-2015-5291 | Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed ... |

Security announcements

| DSA / DLA | Description |
|---|---|
| DLA-3249-1 | mbedtls - security update |
| DLA-2826-1 | mbedtls - security update |
| DSA-4296-1 | mbedtls - security update |
| DSA-4138-1 | mbedtls - security update |
| DSA-3967-1 | mbedtls - security update |
