From e0d7367a9ed3e6096914686c19f8175d00de44a5 Mon Sep 17 00:00:00 2001 From: Ronald Cron Date: Fri, 17 Jun 2022 15:38:26 +0200 Subject: [PATCH] Add change log Signed-off-by: Ronald Cron --- ChangeLog.d/tls13-add-missing-overread-check.txt | 8 ++++++++ 1 file changed, 8 insertions(+) create mode 100644 ChangeLog.d/tls13-add-missing-overread-check.txt diff --git a/ChangeLog.d/tls13-add-missing-overread-check.txt b/ChangeLog.d/tls13-add-missing-overread-check.txt new file mode 100644 index 000000000..4552cd735 --- /dev/null +++ b/ChangeLog.d/tls13-add-missing-overread-check.txt @@ -0,0 +1,8 @@ +Security + * Fix a buffer overread in TLS 1.3 Certificate parsing. An unauthenticated + client or server could cause an MbedTLS server or client to overread up + to 64 kBytes of data and potentially overread the input buffer by that + amount minus the size of the input buffer. As overread data undergoes + various checks, the likelihood of reaching the boundary of the input + buffer is rather small but increases as its size + MBEDTLS_SSL_IN_CONTENT_LEN decreases.