Buffer overflow in mbed TLS

#VU10955 Buffer overflow in mbed TLS

Published: 2018-03-13 | Updated: 2018-03-15

Vulnerability identifier: #VU10955

Vulnerability risk: High

CVSSv3.1: 8.7 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-0487

CWE-ID: CWE-120

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
mbed TLS
Universal components / Libraries / Libraries used by multiple products

Vendor: ARM

Description
The vulnerability allows a remote unauthenticated attacker to execute arbitrary code on the target system.

The weakness exists due to improper validation of Rivest-Shamir-Adleman Probabilistic Signature Scheme (RSASSA-PSS) signatures. A remote attacker can send a specially crafted certificate chain, which the affected software can mishandle during RSASSA-PSS signature verification, trigger buffer overflow and execute arbitrary code.

Successful exploitation of the vulnerability may result in system compromise.

Mitigation
Update to versions 1.3.22, 2.1.10 or 2.7.0.

Vulnerable software versions

mbed TLS: 1.3.8 - 1.3.21, 2.1.0 - 2.1.9, 2.4.0 - 2.4.2

External links
http://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Ubuntu update for ARM mbed TLS

Buffer overflow in mbedtls (Alpine package)

Gentoo update for mbed TLS

Debian update for polarssl

Debian update for mbedtls

Denial of service in ARM mbed TLS