#VU11120 Security restrictions bypass in mbed TLS - CVE-2017-18187

Cybersecurity Help s.r.o.

Published: 2018-03-15

Vulnerability identifier: #VU11120

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-18187

CWE-ID: CWE-190

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
mbed TLS
Universal components / Libraries / Libraries used by multiple products

Vendor: ARM

Description
The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c. A remote attacker can trigger memory corruption and bypass bounds-check.

Mitigation
Install update from vendor's website.

Vulnerable software versions

mbed TLS: 2.1.0 - 2.1.10, 2.4.0 - 2.4.2

External links
https://github.com/ARMmbed/mbedtls/commit/83c9f495ffe70c7dd280b41fdfd4881485a3bc28

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Ubuntu update for ARM mbed TLS

Security restrictions bypass in mbedtls (Alpine package)

Gentoo update for mbed TLS

Debian update for polarssl

Debian update for mbedtls