FreeBSD: VID-d8382a69-4728-11e8-ba83-0011d823eebd: mbed TLS (PolarSSL) -- multiple vulnerabilities
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:N/I:N/A:C) | Apr 23, 2018 | Apr 24, 2018 | Dec 10, 2025 |
Description
Simon Butcher reports:

- Defend against Bellcore glitch attacks by verifying the results of RSA private key operations.
- Fix implementation of the truncated HMAC extension. The previous implementation allowed an offline 2^80 brute force attack on the HMAC key of a single, uninterrupted connection (with no resumption of the session).
- Reject CRLs containing unsupported critical extensions. Found by Falko Strenzke and Evangelos Karatsiolis.
- Fix a buffer overread in ssl_parse_server_key_exchange() that could cause a crash on invalid input.
- Fix a buffer overread in ssl_parse_server_psk_hint() that could cause a crash on invalid input.
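
The last two fixes in the description concern overreads while parsing server-supplied handshake data. The sketch below is an added example, not mbed TLS code and not the actual patch: it shows the bounds checks a parser needs for a PSK identity hint, which RFC 4279 defines as a 2-byte length followed by that many bytes. The function name `parse_psk_hint` and the return codes are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical return codes for this sketch (not mbed TLS error codes). */
#define HINT_OK          0
#define HINT_ERR_SHORT  -1  /* fewer than 2 bytes left for the length field */
#define HINT_ERR_LENGTH -2  /* declared length runs past the end of the input */

/*
 * Parse a TLS PSK identity hint: 2-byte big-endian length, then the hint.
 * end points one past the last readable byte. *p is advanced past the hint
 * only on success, so a rejected message leaves the caller's state untouched.
 */
static int parse_psk_hint(const uint8_t **p, const uint8_t *end,
                          const uint8_t **hint, size_t *hint_len)
{
    const uint8_t *cur = *p;
    size_t len;

    /* Check 1: the length field itself must lie inside the buffer. */
    if (cur > end || (size_t)(end - cur) < 2)
        return HINT_ERR_SHORT;

    len = ((size_t)cur[0] << 8) | cur[1];
    cur += 2;

    /* Check 2: compare len with the bytes remaining. Never form cur + len
     * first: a peer-chosen len could push the pointer out of bounds. */
    if (len > (size_t)(end - cur))
        return HINT_ERR_LENGTH;

    *hint = cur;
    *hint_len = len;
    *p = cur + len;
    return HINT_OK;
}

int main(void)
{
    /* Constructed sample input: length 0x0004 followed by "hint". */
    const uint8_t msg[] = { 0x00, 0x04, 'h', 'i', 'n', 't' };
    const uint8_t *p = msg, *hint = NULL;
    size_t n = 0;
    int rc = parse_psk_hint(&p, msg + sizeof msg, &hint, &n);
    printf("rc=%d hint_len=%zu\n", rc, n);
    return rc;
}
```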
Solutions
- freebsd-upgrade-package-mbedtls
- freebsd-upgrade-package-polarssl13