Integer Overflow vulnerability in Mbed TLS 2.x before 2.28.7 and 3.x before 3.5.2, allows attackers to cause a denial of service (DoS) via mbedtlsx509set_extension().
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "2.28.8-1", "binary_name": "libmbedcrypto7t64" }, { "binary_version": "2.28.8-1", "binary_name": "libmbedcrypto7t64-dbgsym" }, { "binary_version": "2.28.8-1", "binary_name": "libmbedtls-dev" }, { "binary_version": "2.28.8-1", "binary_name": "libmbedtls-doc" }, { "binary_version": "2.28.8-1", "binary_name": "libmbedtls14t64" }, { "binary_version": "2.28.8-1", "binary_name": "libmbedtls14t64-dbgsym" }, { "binary_version": "2.28.8-1", "binary_name": "libmbedx509-1t64" }, { "binary_version": "2.28.8-1", "binary_name": "libmbedx509-1t64-dbgsym" } ] }