1
Candidate: CVE-2018-0488
4
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0488
5
https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01
7
ARM mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0, when the
8
truncated HMAC extension and CBC are used, allows remote attackers to
9
execute arbitrary code or cause a denial of service (heap corruption) via a
10
crafted application packet within a TLS or DTLS session.
14
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=890287
21
upstream_mbedtls: needs-triage
22
precise/esm_mbedtls: DNE
24
xenial_mbedtls: needs-triage
25
artful_mbedtls: needs-triage
26
bionic_mbedtls: needs-triage
27
devel_mbedtls: needs-triage
30
upstream_polarssl: needs-triage
31
precise/esm_polarssl: DNE
32
trusty_polarssl: needs-triage