CVE-2025-49601
Published 2025-07-04
Priority: P334
Severity: medium, 6.5 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
EPSS: 0.26% (17.2th percentile)
In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtls_lms_import_public_key allows context-dependent attackers to trigger a crash or limited adjacent-memory disclosure by supplying a truncated LMS (Leighton-Micali Signature) public-key buffer under four bytes. An LMS public key starts with a 4-byte type indicator. The function mbedtls_lms_import_public_key reads this type indicator before validating the size of its input.
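The missing check described above, shown as an added example (not Mbed TLS source code): a parser that proves four bytes are present before reading the type indicator, then validates the full length once the type is known. The function, struct and error names are hypothetical; the typecode and the 56-byte layout are taken from RFC 8554 for LMS_SHA256_M32_H10.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Hypothetical names for this example; not Mbed TLS identifiers. */
enum { LMS_OK = 0, LMS_ERR_TRUNCATED = -1, LMS_ERR_TYPE = -2, LMS_ERR_LENGTH = -3 };

#define LMS_TYPE_LEN        4u          /* 4-byte type indicator, per the advisory */
#define LMS_SHA256_M32_H10  0x00000006u /* RFC 8554 LMS typecode */
#define LMS_PUBKEY_LEN_M32  56u         /* type(4) + otstype(4) + I(16) + T[1](32) */

typedef struct {
    uint32_t type;
    uint32_t ots_type;
    uint8_t  id[16];    /* key identifier I */
    uint8_t  root[32];  /* Merkle root T[1] */
} lms_pubkey;

/* Big-endian 32-bit read; the caller must already have proven 4 bytes exist. */
static uint32_t read_be32(const uint8_t *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8)  |  (uint32_t)p[3];
}

int lms_parse_pubkey(lms_pubkey *out, const uint8_t *buf, size_t len)
{
    /* Length check BEFORE the 32-bit read: the step the advisory says was missing. */
    if (buf == NULL || len < LMS_TYPE_LEN)
        return LMS_ERR_TRUNCATED;

    uint32_t type = read_be32(buf);
    if (type != LMS_SHA256_M32_H10)
        return LMS_ERR_TYPE;

    /* The type fixes the total size, so require an exact match before reading on. */
    if (len != LMS_PUBKEY_LEN_M32)
        return LMS_ERR_LENGTH;

    out->type = type;
    out->ots_type = read_be32(buf + 4);
    memcpy(out->id, buf + 8, sizeof out->id);
    memcpy(out->root, buf + 24, sizeof out->root);
    return LMS_OK;
}
```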
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | mbedtls | < mbedtls 3.6.4-1 (forky) | mbedtls 3.6.4-1 (forky) |
| mbed | mbedtls | >= 0 < 3.6.4-1 | 3.6.4-1 |
| mbed | mbedtls | >= 0 < 3.6.4-1 | 3.6.4-1 |
| mbed | mbedtls | >= 3.3.0 < 3.6.4 | 3.6.4 |
| trustedfirmware | mbed_tls | >= 3.3.0 < 3.6.4 | 3.6.4 |
CVSS provenance
nvd: v3.1, 6.5 MEDIUM, CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L
osv: 6.5 MEDIUM
vendor_debian: 4.8 LOW
OSV
CVE-2025-49601: In MbedTLS 3
osv·2025-07-04·CVSS 6.5
CVE-2025-49601 [MEDIUM] CVE-2025-49601: In MbedTLS 3
GHSA
GHSA-h9v9-9rwj-pmq9: In MbedTLS 3
ghsa_unreviewed·2025-07-04
CVE-2025-49601 [MEDIUM] CWE-125 GHSA-h9v9-9rwj-pmq9: In MbedTLS 3
Debian
CVE-2025-49601: mbedtls - In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not check that...
vendor_debian·2025·CVSS 4.8
CVE-2025-49601 [MEDIUM] CVE-2025-49601: mbedtls - In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not check that...
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved (fixed in 3.6.4-1)
sid: resolved (fixed in 3.6.4-1)
trixie: resolved (fixed in 3.6.4-1)
No detection rules found.
No public exploits indexed.
2025-07-04
Published