Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2025-52496

Опубликовано: 04 июл. 2025
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS3: 7.8

Описание

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.

РелизСтатусПримечание
devel

not-affected

3.6.5-0.1ubuntu2
esm-apps/bionic

released

2.8.0-1ubuntu0.1~esm1
esm-apps/focal

released

2.16.4-1ubuntu2+esm1
esm-apps/jammy

released

2.28.0-1ubuntu0.1~esm1
esm-apps/noble

released

2.28.8-1ubuntu0.1~esm1
esm-apps/xenial

needed

jammy

needed

noble

needed

oracular

ignored

end of life, was needs-triage
plucky

ignored

end of life, was needed

Показывать по

Ссылки на источники

EPSS

Процентиль: 9%
0.00032
Низкий

7.8 High

CVSS3

Связанные уязвимости

nvd логотип

CVE-2025-52496

CVSS3: 7.8
nvd
9 месяцев назад

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.

msrc логотип

CVE-2025-52496

msrc
7 месяцев назад

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.

debian логотип

CVE-2025-52496

CVSS3: 7.8
debian
9 месяцев назад

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certa ...

github логотип

GHSA-qc26-g9mm-wmmf

CVSS3: 7.8
github
9 месяцев назад

Mbed TLS before 3.6.4 has a race condition in AESNI detection if certain compiler optimizations occur. An attacker may be able to extract an AES key from a multithreaded program, or perform a GCM forgery.

fstec логотип

BDU:2025-09517

CVSS3: 7.8
fstec
9 месяцев назад

Уязвимость функции mbedtls_aesni_has_support() программного обеспечения Mbed TLS, позволяющая нарушителю оказать воздействие на целостность и конфиденциальность защищаемой информации

EPSS

Процентиль: 9%
0.00032
Низкий

7.8 High

CVSS3