• Bug#1101499: mbedtls: CVE-2025-27809 CVE-2025-27810

    From Moritz Mühlenhoff@21:1/5 to All on Fri Mar 28 15:50:01 2025
    Source: mbedtls
    X-Debbugs-CC: team@security.debian.org
    Severity: important
    Tags: security

    Hi,

    The following vulnerabilities were published for mbedtls.

    CVE-2025-27809[0]:
    | Mbed TLS before 2.28.10 and 3.x before 3.6.3, on the client side,
    | accepts servers that have trusted certificates for arbitrary
    | hostnames unless the TLS client application calls
    | mbedtls_ssl_set_hostname.

    https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-1/

    CVE-2025-27810[1]:
    | Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of
    | failed memory allocation or hardware errors, uses uninitialized
    | stack memory to compose the TLS Finished message, potentially
    | leading to authentication bypasses such as replays.

    https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-2/


    If you fix the vulnerabilities, please also make sure to include the
    CVE (Common Vulnerabilities & Exposures) ids in your changelog entry.

    For further information see:

    [0] https://security-tracker.debian.org/tracker/CVE-2025-27809
    https://www.cve.org/CVERecord?id=CVE-2025-27809
    [1] https://security-tracker.debian.org/tracker/CVE-2025-27810
    https://www.cve.org/CVERecord?id=CVE-2025-27810

    Please adjust the affected versions in the BTS as needed.

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
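The first advisory above turns on a single client-side step: if the application never calls mbedtls_ssl_set_hostname, affected Mbed TLS versions validated the certificate chain but never compared the certificate's names against the server the client meant to reach. The following is an added illustration, not Mbed TLS code and not part of this bug report: a minimal, self-contained hostname check of the kind that call enables, written so that a client which forgot to supply an expected hostname fails closed instead of silently accepting any trusted certificate. The names `peer_identity`, `verify_peer_identity`, `dns_name_matches` and the sample certificate names are assumptions of this example; real code takes the DNS names from the X.509 parser, and the actual fix for the CVE is to upgrade to 2.28.10 / 3.6.3 and to call mbedtls_ssl_set_hostname in every client.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* What a TLS client extracts from the server certificate's subjectAltName
 * dNSName entries. Constructed here as plain strings for the example. */
struct peer_identity {
    const char *const *dns_names;
    size_t count;
};

/* Constructed sample certificate identity (hypothetical, not from the page). */
static const char *const sample_names[] = { "www.example.com", "*.example.com" };
const struct peer_identity sample_peer = { sample_names, 2 };

/* Match one presented name against the expected hostname. A wildcard is
 * only accepted as the entire left-most label and must not match across a
 * label boundary (RFC 6125 section 6.4.3); names with a '*' anywhere else
 * are rejected outright. Comparison is case-insensitive. */
static bool dns_name_matches(const char *presented, const char *expected)
{
    if (presented == NULL || expected == NULL)
        return false;
    if (strncmp(presented, "*.", 2) == 0) {
        const char *suffix = presented + 1;        /* ".example.com" */
        const char *dot = strchr(expected, '.');
        if (dot == NULL || dot == expected)         /* need one full label first */
            return false;
        return strcasecmp(dot, suffix) == 0;        /* exactly one label replaced */
    }
    if (strchr(presented, '*') != NULL)
        return false;
    return strcasecmp(presented, expected) == 0;
}

/* Outcome of the client's identity check, run after chain validation. */
enum verify_result {
    VERIFY_OK = 0,
    VERIFY_NO_EXPECTED_NAME,   /* application never supplied a hostname */
    VERIFY_NAME_MISMATCH       /* trusted chain, but for a different name */
};

/* Mirrors the gap in CVE-2025-27809: without an expected hostname (the
 * equivalent of never calling mbedtls_ssl_set_hostname) the affected
 * versions skipped the name check. Here the absence of a hostname is an
 * error, so a misconfigured client cannot accept a certificate for an
 * arbitrary host. */
enum verify_result verify_peer_identity(const struct peer_identity *peer,
                                        const char *expected_hostname)
{
    if (expected_hostname == NULL || expected_hostname[0] == '\0')
        return VERIFY_NO_EXPECTED_NAME;
    for (size_t i = 0; i < peer->count; i++)
        if (dns_name_matches(peer->dns_names[i], expected_hostname))
            return VERIFY_OK;
    return VERIFY_NAME_MISMATCH;
}

int main(void)
{
    static const char *const hosts[] = {
        "www.example.com", "api.example.com", "example.com",
        "a.b.example.com", NULL
    };
    for (size_t i = 0; i < sizeof hosts / sizeof hosts[0]; i++) {
        enum verify_result r = verify_peer_identity(&sample_peer, hosts[i]);
        printf("%-18s -> %s\n", hosts[i] ? hosts[i] : "(no hostname set)",
               r == VERIFY_OK ? "accept" :
               r == VERIFY_NO_EXPECTED_NAME ? "reject: no expected hostname" :
                                              "reject: name mismatch");
    }
    return 0;
}
```

The point the example makes is the failure mode of the advisory: a chain that validates against the trust store says nothing about which host the certificate is for, so the expected hostname must always be set, and a client library or wrapper should treat a missing hostname as a configuration error rather than as "no check needed".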
  • From Diederik de Haas@21:1/5 to All on Wed Apr 2 17:50:01 2025

    Control: tag -1 +fixed-upstream

    As can be read in the provided links, both CVEs are fixed upstream in
    version 3.6.3, so tag the bug accordingly.

