Описание
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
Отчет
This vulnerability affects products that use Mbed TLS to provide an implementation of the PSA Crypto API with domain isolation between API callers (“client application”) and the API implementation (“crypto server”), where communication is done through shared memory. Applications that use Mbed TLS as a library inside their own process space are not affected.
Ссылки на источники
Дополнительная информация
Статус:
EPSS
5.3 Medium
CVSS3
Связанные уязвимости
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28. ...
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
EPSS
5.3 Medium
CVSS3