Advisories ยป MGASA-2018-0163

Updated mbedtls and related packages fix security vulnerabilities

Publication date: 10 Mar 2018
Type: security
Affected Mageia releases : 6
CVE: CVE-2018-0488 , CVE-2018-0487

Description

The mbedtls package has been updated to fix several security issues.

Fixed a heap corruption issue in the implementation of the truncated HMAC
extension. When the truncated HMAC extension is enabled and CBC is used,
sending a malicious application packet could be used to selectively corrupt
6 bytes on the peer's heap, which could potentially lead to crash or remote
code execution. The issue could be triggered remotely from either side in
both TLS and DTLS. (CVE-2018-0488) 

Fixed a buffer overflow in RSA-PSS verification when the hash was too large
for the key size, which could potentially lead to crash or remote code
execution. (CVE-2018-0487)
                

References

SRPMS

6/tainted

6/core