Merge pull request #9087 from ronald-cron-arm/add-cve-2024-30166-ref

ChangeLog: Add missing reference to CVE in security entry
Gilles Peskine 2024-05-02 15:47:43 +00:00 committed by GitHub
commit cedb011c50
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194


@ -144,6 +144,7 @@ Security
* Fix a stack buffer overread (less than 256 bytes) when parsing a TLS 1.3 * Fix a stack buffer overread (less than 256 bytes) when parsing a TLS 1.3
ClientHello in a TLS 1.3 server supporting some PSK key exchange mode. A ClientHello in a TLS 1.3 server supporting some PSK key exchange mode. A
malicious client could cause information disclosure or a denial of service. malicious client could cause information disclosure or a denial of service.
Fixes CVE-2024-30166.
* Passing buffers that are stored in untrusted memory as arguments * Passing buffers that are stored in untrusted memory as arguments
to PSA functions is now secure by default. to PSA functions is now secure by default.
The PSA core now protects against modification of inputs or exposure The PSA core now protects against modification of inputs or exposure
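Review bot: the added "Fixes CVE-2024-30166." line in the TLS 1.3 ClientHello overread entry should be indented as a continuation of that bullet, matching the "ClientHello in a TLS 1.3 server..." and "malicious client could cause..." lines above it, so that it is not read as belonging to the following "Passing buffers..." entry. The leading whitespace is not visible in this rendering, so please confirm it in the raw file. The placement itself, as a separate sentence after the impact statement, is fine, and the hunk header's 6 to 7 line count matches a single added line.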