{"id":"MGASA-2022-0415","summary":"Updated mbedtls packages fix security vulnerability","details":"An unauthenticated remote host could send an invalid ClientHello message in\nwhich the declared length of the cookie extends past the end of the message.\nA DTLS server with MBEDTLS_SSL_DTLS_CLIENT_PORT_REUSE enabled would read past\nthe end of the message up to the declared length of the cookie. This could\ncause a buffer overread of up to 255 bytes on the heap in vulnerable DTLS\nservers, which may lead to a crash or to information disclosure via the\ncookie check function (CVE-2022-35409).\n\nThis issue has been patched, backporting a fix from upstream's 2.28.0 release.\n","modified":"2026-04-16T00:09:17.934793995Z","published":"2022-11-08T19:44:28Z","upstream":["CVE-2022-35409"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2022-0415.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=31058"},{"type":"ADVISORY","url":"https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/mbedtls-security-advisory-2022-07/"},{"type":"WEB","url":"https://github.com/Mbed-TLS/mbedtls/commit/e5af9fabf7d68e3807b6ea78792794b8352dbba2"}],"affected":[{"package":{"name":"mbedtls","ecosystem":"Mageia:8","purl":"pkg:rpm/mageia/mbedtls?arch=source&distro=mageia-8"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"2.16.12-1.1.mga8"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2022-0415.json"}}],"schema_version":"1.7.5","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}