MGASA-2018-0253

Source
https://advisories.mageia.org/MGASA-2018-0253.html
Import Source
https://advisories.mageia.org/MGASA-2018-0253.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2018-0253
Related
Published
2018-05-24T16:30:31Z
Modified
2018-05-24T15:51:07Z
Summary
Updated mbedtls packages fix security issues
Details

CVE-2018-9988: ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in sslparseserverkeyexchange() that could cause a crash on invalid input. CVE-2018-9989: ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in sslparseserverpskhint() that could cause a crash on invalid input.

References
Credits

Affected packages