Risk | High |
Patch available | YES |
Number of vulnerabilities | 6 |
CVE-ID | CVE-2022-46392 CVE-2022-46393 CVE-2023-43615 CVE-2023-45199 CVE-2024-23170 CVE-2024-23775 |
CWE-ID | CWE-203 CWE-125 CWE-122 CWE-385 CWE-190 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software | Gentoo Linux (Operating systems & Components / Operating system); net-libs/mbedtls (Operating systems & Components / Operating system package or component) |
Vendor | Gentoo |
Security Bulletin
This security bulletin contains information about 6 vulnerabilities.
EUVDB-ID: #VU97653
Risk: Low
CVSSv4.0: 4.3 [CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2022-46392
CWE-ID:
CWE-203 - Observable discrepancy
Exploit availability: No
Description
The vulnerability allows a local user to recover an RSA private key.
The vulnerability exists due to an observable discrepancy. A local user with access to local memory can recover an RSA private key after observing the victim performing a single private-key operation.
Mitigation
Update the affected packages.
net-libs/mbedtls to version: 2.28.7
Gentoo Linux: All versions
net-libs/mbedtls: before 2.28.7
http://security.gentoo.org/glsa/202409-14
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker must have authentication credentials and successfully authenticate on the system.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97654
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2022-46393
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a heap-based buffer over-read in DTLS when MBEDTLS_SSL_DTLS_CONNECTION_ID is enabled and MBEDTLS_SSL_CID_IN_LEN_MAX > 2 * MBEDTLS_SSL_CID_OUT_LEN_MAX. A remote attacker can perform a denial of service attack.
Mitigation
Update the affected packages.
net-libs/mbedtls to version: 2.28.7
Gentoo Linux: All versions
net-libs/mbedtls: before 2.28.7
http://security.gentoo.org/glsa/202409-14
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU81727
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2023-43615
CWE-ID:
CWE-125 - Out-of-bounds read
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a boundary condition. A remote attacker can send a malformed encrypted (or null-encrypted) record and perform a denial of service (DoS) attack.
Mitigation
Update the affected packages.
net-libs/mbedtls to version: 2.28.7
Gentoo Linux: All versions
net-libs/mbedtls: before 2.28.7
http://security.gentoo.org/glsa/202409-14
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU97655
Risk: High
CVSSv4.0: 7.2 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2023-45199
CWE-ID:
CWE-122 - Heap-based Buffer Overflow
Exploit availability: No
Description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error in TLS handshake parsing with ECDH. A remote attacker can send specially crafted input to the application, trigger a heap-based buffer overflow and execute arbitrary code on the target system.
A TLS 1.2 server configured with MBEDTLS_USE_PSA_CRYPTO and with support for a cipher suite using ECDH and a signature is vulnerable.
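A build-configuration check for the two conditions this bulletin ties to compile-time options (CVE-2022-46393 above and CVE-2023-45199 here), as an added example that is not part of the original bulletin or of Mbed TLS. The sample header is constructed, and the value 32 used for an unset CID length macro is an assumption to confirm against your own headers.

```python
import re

# Constructed sample of an Mbed TLS build configuration header (not a real build).
SAMPLE_CONFIG = """\
#define MBEDTLS_SSL_PROTO_DTLS
#define MBEDTLS_SSL_DTLS_CONNECTION_ID
#define MBEDTLS_SSL_CID_IN_LEN_MAX 40   /* widened by integrator */
#define MBEDTLS_SSL_CID_OUT_LEN_MAX 16
/* #define MBEDTLS_USE_PSA_CRYPTO */
"""

# Assumption: value used when a CID length macro is not set in the header.
# Confirm it against the headers of the Mbed TLS version you actually build.
ASSUMED_CID_LEN_DEFAULT = 32

_DEFINE = re.compile(r"^[ \t]*#[ \t]*define[ \t]+(MBEDTLS_\w+)[ \t]*([^/\n]*)", re.M)

def active_defines(header_text):
    """Return {macro: value-or-''} for defines that are not commented out."""
    # Drop /* ... */ blocks first so a define inside a comment is ignored;
    # lines starting with // never match because the regex anchors on '#'.
    text = re.sub(r"/\*.*?\*/", "", header_text, flags=re.S)
    return {m.group(1): m.group(2).strip() for m in _DEFINE.finditer(text)}

def cid_len(defs, name):
    """Integer value of a CID length macro, or the assumed default if unset."""
    raw = defs.get(name, "")
    return int(raw.strip("()"), 0) if raw else ASSUMED_CID_LEN_DEFAULT

def exposure(header_text):
    """Map each CVE to True when the build condition the bulletin names is met."""
    defs = active_defines(header_text)
    cid_in = cid_len(defs, "MBEDTLS_SSL_CID_IN_LEN_MAX")
    cid_out = cid_len(defs, "MBEDTLS_SSL_CID_OUT_LEN_MAX")
    return {
        # DTLS Connection ID enabled and IN_LEN_MAX > 2 * OUT_LEN_MAX
        "CVE-2022-46393":
            "MBEDTLS_SSL_DTLS_CONNECTION_ID" in defs and cid_in > 2 * cid_out,
        # Build-time half of the condition only: the TLS 1.2 server role and
        # ECDH-with-signature cipher suites are runtime settings not visible here.
        "CVE-2023-45199": "MBEDTLS_USE_PSA_CRYPTO" in defs,
    }

if __name__ == "__main__":
    print(exposure(SAMPLE_CONFIG))
```

A True result matters only for net-libs/mbedtls before 2.28.7; the fix remains the package update.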
Mitigation
Update the affected packages.
net-libs/mbedtls to version: 2.28.7
Gentoo Linux: All versions
net-libs/mbedtls: before 2.28.7
http://security.gentoo.org/glsa/202409-14
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU86233
Risk: Medium
CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-23170
CWE-ID:
CWE-385 - Covert Timing Channel
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a MitM attack.
The vulnerability exists due to a timing side channel in RSA private operations. A remote attacker can perform a Marvin attack and gain access to sensitive information.
Mitigation
Update the affected packages.
net-libs/mbedtls to version: 2.28.7
Gentoo Linux: All versions
net-libs/mbedtls: before 2.28.7
http://security.gentoo.org/glsa/202409-14
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU86232
Risk: Medium
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]
CVE-ID: CVE-2024-23775
CWE-ID:
CWE-190 - Integer overflow
Exploit availability: No
Description
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to an integer overflow in mbedtls_x509_set_extension(). A remote attacker can pass specially crafted data to the application, trigger an integer overflow and perform a denial of service (DoS) attack.
Mitigation
Update the affected packages.
net-libs/mbedtls to version: 2.28.7
Gentoo Linux: All versions
net-libs/mbedtls: before 2.28.7
http://security.gentoo.org/glsa/202409-14
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.