*** This bug is a security vulnerability *** Public security bug reported:
The following security bug was published for mbedtls:

Freeing of memory allocated on stack when validating a public key with a secp224k1 curve

[Vulnerability]
If a malicious peer supplies a certificate with a specially crafted secp224k1 public key, then an attacker can cause the server or client to attempt to free a block of memory held on the stack.

[Impact]
Depending on the platform, this could result in a Denial of Service (client crash) or potentially could be exploited to allow remote code execution with the same privileges as the host application.

[Resolution]
Affected users should upgrade to mbed TLS 1.3.19, mbed TLS 2.1.7 or mbed TLS 2.4.2.

https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-01

** Affects: mbedtls (Ubuntu)
   Importance: Undecided
   Status: New

** Affects: polarssl (Ubuntu)
   Importance: Undecided
   Status: New

** Affects: mbedtls (Debian)
   Importance: Unknown
   Status: Unknown

** Affects: polarssl (Debian)
   Importance: Unknown
   Status: Unknown

** Information type changed from Private Security to Public Security

** CVE added: http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=2017-2748

** Bug watch added: Debian Bug tracker #857560
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857560

** Also affects: mbedtls (Debian) via
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857560
   Importance: Unknown
   Status: Unknown

** Also affects: polarssl (Ubuntu)
   Importance: Undecided
   Status: New

** Bug watch added: Debian Bug tracker #857561
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857561

** Also affects: polarssl (Debian) via
   http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=857561
   Importance: Unknown
   Status: Unknown

-- 
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1672686

Title:
  CVE-2017-2748 - Freeing of memory allocated on stack when validating a public key with a secp224k1 curve

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mbedtls/+bug/1672686/+subscriptions

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
