CVE-2023-43615 — Classic Buffer Overflow in ARM Mbed TLS

Severity

7.5HIGHNVD

EPSS

0.3%

top 45.86%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Timeline

PublishedOct 7

Latest updateOct 10

Description

Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 3.9 | Impact: 3.6

▶NVDarm/mbed_tls2.0.0 — 2.28.5+1

Also affects: Fedora 37, 38, 39

CVEList

CVE-2023-43615: Mbed TLS 2↗2023-10-07

▶

OSV

CVE-2023-43615: Mbed TLS 2↗2023-10-07

▶

GHSA

GHSA-656f-g689-89jh: Mbed TLS 2↗2023-10-07

▶

Microsoft

Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.↗2023-10-10

▶

Debian

CVE-2023-43615: mbedtls - Mbed TLS 2.x before 2.28.5 and 3.x before 3.5.0 has a Buffer Overflow.↗2023

▶