N/A

An issue was discovered in Mbed TLS before 2.28.1 and 3.x before 3.2.0. In some configurations, an unauthenticated attacker can send an invalid ClientHello message to a DTLS server that causes a heap-based buffer over-read of up to 255 bytes. This can cause a server crash or possibly information disclosure based on error responses. Affected configurations have MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled and MBEDTLS_SSL_IN_CONTENT_LEN less than a threshold that depends on the configuration: 258 bytes if using mbedtls_ssl_cookie_check, and possibly up to 571 bytes with a custom cookie check function.

N/A

N/A

Mbed TLS 缓冲区错误漏洞

Mbed TLS是一个开源、可移植、易于使用、可读且灵活的 SSL 库。 Mbed TLS 2.28.2之前版本和3.2.0之前的3.x版本存在缓冲区错误漏洞，该漏洞源于在某些配置中，未经认证的攻击者可以向DTLS服务器发送一个无效的ClientHello消息，从而导致基于堆的缓冲区过度读取多达255个字节。这可能会导致服务器崩溃或基于错误响应的信息泄露。受影响的配置启用了MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE，并且MBEDTLS_SSL_IN_CONTENT_LEN小于取决

N/A

N/A