mbedtls/ChangeLog.d/xxx_psa_peerkey.txt
Gilles Peskine 6dd5b9a60c In TLS 1.2, only servers are affected
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
2023-10-02 15:38:51 +02:00

8 lines
412 B
Text

Security
* Fix a remotely exploitable heap buffer overflow in TLS handshake parsing.
In TLS 1.3, all configurations are affected except PSK-only ones, and
both clients and servers are affected.
In TLS 1.2, the affected configurations are those with
MBEDTLS_USE_PSA_CRYPTO and ECDH enabled but DHM and RSA disabled,
and only servers are affected, not clients.
Credit to OSS-Fuzz.