Security update for mbedtls SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2018:0491-1 Final 1 1 2018-02-20T12:28:29Z current 2018-02-20T12:28:29Z 2018-02-20T12:28:29Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for mbedtls This update for mbedtls fixes the following issues: - CVE-2018-0487: Fixed a buffer overflow in RSASSA-PSS signature verification, which allowed remote attackers to execute arbitrary code or cause a denial of service via a crafted certificate chain. (boo#1080826) - CVE-2018-0488: Fixed a heap vulnerability, which allowed remote attackers to execute arbitrary code or cause a DoS via a crafted application packet when the truncated HMAC extension and CBC are used. (boo#1080828) - CVE-2017-18187: Fixed bound check in ssl_parse_client_psk_identity(), which might lead to an overflow. (boo#1080973) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-2018-186 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1080826 SUSE Bug 1080826 https://bugzilla.suse.com/1080828 SUSE Bug 1080828 https://bugzilla.suse.com/1080973 SUSE Bug 1080973 https://www.suse.com/security/cve/CVE-2017-18187/ SUSE CVE CVE-2017-18187 page https://www.suse.com/security/cve/CVE-2018-0487/ SUSE CVE CVE-2018-0487 page https://www.suse.com/security/cve/CVE-2018-0488/ SUSE CVE CVE-2018-0488 page SUSE Package Hub 12 libmbedtls9-1.3.19-11.1 mbedtls-devel-1.3.19-11.1 libmbedtls9-1.3.19-11.1 as a component of SUSE Package Hub 12 mbedtls-devel-1.3.19-11.1 as a component of SUSE Package Hub 12 In ARM mbed TLS before 2.7.0, there is a bounds-check bypass through an integer overflow in PSK identity parsing in the ssl_parse_client_psk_identity() function in library/ssl_srv.c. CVE-2017-18187 SUSE Package Hub 12:libmbedtls9-1.3.19-11.1 SUSE Package Hub 12:mbedtls-devel-1.3.19-11.1 moderate 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2017-18187.html CVE-2017-18187 https://bugzilla.suse.com/1080973 SUSE Bug 1080973 ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 allows remote attackers to execute arbitrary code or cause a denial of service (buffer overflow) via a crafted certificate chain that is mishandled during RSASSA-PSS signature verification within a TLS or DTLS session. CVE-2018-0487 SUSE Package Hub 12:libmbedtls9-1.3.19-11.1 SUSE Package Hub 12:mbedtls-devel-1.3.19-11.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-0487.html CVE-2018-0487 https://bugzilla.suse.com/1080826 SUSE Bug 1080826 ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the truncated HMAC extension and CBC are used, allows remote attackers to execute arbitrary code or cause a denial of service (heap corruption) via a crafted application packet within a TLS or DTLS session. CVE-2018-0488 SUSE Package Hub 12:libmbedtls9-1.3.19-11.1 SUSE Package Hub 12:mbedtls-devel-1.3.19-11.1 important 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2018-0488.html CVE-2018-0488 https://bugzilla.suse.com/1080828 SUSE Bug 1080828