mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-02-09 21:40:43 +00:00
6 lines
276 B
Plaintext
6 lines
276 B
Plaintext
Security
|
|
* In psa_cipher_generate_iv() and psa_cipher_encrypt(), do not read back
|
|
from the output buffer. This fixes a potential policy bypass or decryption
|
|
oracle vulnerability if the output buffer is in memory that is shared with
|
|
an untrusted application.
|