Stack Buffer Overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() Can Occur in Mbed TLS 3.6 Before 3.6.1
CVE-2024-45158
9.8 CRITICAL
What is CVE-2024-45158?
A stack buffer overflow has been identified in Mbed TLS 3.6 versions prior to 3.6.1. It occurs in the functions mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() when the bits parameter exceeds the size of the largest supported curve. In certain configurations where PSA is disabled, any value of bits could be affected. Calls made internally by the library may not trigger the issue, but direct calls from applications pose a security risk, potentially leading to unauthorized data access or application crashes.
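To make the trigger condition concrete, here is an added example (not Mbed TLS code) of a guarded raw-to-DER conversion: a locally written stand-in encoder in which every stack buffer is sized from an assumed curve ceiling, and the bits argument is bounded against that ceiling before any size is derived from it. The 521-bit ceiling and the helper names are assumptions for this example; real code would use the library's own MBEDTLS_ECP_MAX_BITS.

```c
#include <stddef.h>
#include <string.h>
/* Assumed ceiling: secp521r1 is the largest curve Mbed TLS supports. Defined locally
 * so the example builds without the library; real code uses MBEDTLS_ECP_MAX_BITS. */
#define MAX_CURVE_BITS 521
/* DER length: short form, or 0x81 long form (lengths here never exceed 255). */
static size_t put_len(unsigned char *out, size_t len) {
    if (len < 128) { out[0] = (unsigned char)len; return 1; }
    out[0] = 0x81; out[1] = (unsigned char)len; return 2;
}
/* Encode a fixed-width big-endian scalar as a DER INTEGER; -1 if out of room. */
static int der_int(const unsigned char *v, size_t n, unsigned char *out, size_t cap) {
    while (n > 1 && v[0] == 0) { v++; n--; }            /* minimal encoding */
    size_t pad = (v[0] & 0x80) ? 1 : 0;                  /* keep the value non-negative */
    if (cap < 2 + pad + n) return -1;
    out[0] = 0x02; out[1] = (unsigned char)(n + pad);
    if (pad) out[2] = 0x00;
    memcpy(out + 2 + pad, v, n);
    return (int)(2 + pad + n);
}
/* Guarded raw (r || s) -> DER SEQUENCE. 'bits' is bounded before any size is derived
 * from it, so the fixed-size stack buffer 'body' cannot be overrun. */
int checked_raw_to_der(size_t bits, const unsigned char *raw, size_t raw_len,
                       unsigned char *der, size_t der_size, size_t *der_len) {
    if (bits == 0 || bits > MAX_CURVE_BITS) return -1;   /* the condition the CVE describes */
    size_t coord = (bits + 7) / 8;
    if (raw_len != 2 * coord) return -1;
    unsigned char body[2 * (3 + MAX_CURVE_BITS / 8 + 1)]; /* sized from the ceiling */
    int r = der_int(raw, coord, body, sizeof body);
    if (r < 0) return -1;
    int s = der_int(raw + coord, coord, body + r, sizeof body - (size_t)r);
    if (s < 0) return -1;
    size_t blen = (size_t)(r + s);
    unsigned char hdr[3] = { 0x30 };
    size_t hlen = 1 + put_len(hdr + 1, blen);
    if (der_size < hlen + blen) return -1;
    memcpy(der, hdr, hlen);
    memcpy(der + hlen, body, blen);
    *der_len = hlen + blen;
    return 0;
}
/* Constructed input: r and s each filled with one byte value for the given curve size.
 * Returns the DER length, or 0 when the guard rejects the call. */
size_t demo_encode(size_t bits, unsigned char fr, unsigned char fs) {
    unsigned char raw[2 * (MAX_CURVE_BITS / 8 + 1)], der[8 + sizeof raw];
    size_t coord = (bits + 7) / 8, len = 0;
    if (coord > sizeof raw / 2) coord = sizeof raw / 2;  /* clamp only the demo's fill */
    memset(raw, fr, coord); memset(raw + coord, fs, coord);
    return checked_raw_to_der(bits, raw, 2 * coord, der, sizeof der, &len) == 0 ? len : 0;
}
```

An oversized bits value such as 1024 is refused up front, while 256 and 521 produce well-formed signatures of 71 and 139 bytes for the constructed fills shown in the test.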
