yuzu-emu/mbedtls
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add change log

Browse source 
Signed-off-by: Ronald Cron <ronald.cron@arm.com>
This commit is contained in:
Ronald Cron 2021-12-02 11:26:07 +01:00
parent a393619dc2
commit 0118627013
1 changed files with 5 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
ChangeLog.d/fix-aead-nonce.txt Normal file
View file

@ -0,0 +1,5 @@
Security
* In psa_aead_generate_nonce(), do not read back from the output buffer.
This fixes a potential policy bypass or decryption oracle vulnerability
if the output buffer is in memory that is shared with an untrusted
application.