CVE-2024-23170 Timing side channel in private key RSA operations. Mbed TLS is vulnerable to a timing side channel in private key RSA operations. This side channel could be sufficient for an attacker to recover the plaintext. A local attacker or a remote attacker who is close to the victim on the network might have precise enough timing measurements to exploit this. It requires the attacker to send a large number of messages for decryption. https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-1/ CVE-2024-23775 Buffer overflow in mbedtls_x509_set_extension(). When writing x509 extensions we failed to validate inputs passed in to mbedtls_x509_set_extension(), which could result in an integer overflow, causing a zero-length buffer to be allocated to hold the extension. The extension would then be copied into the buffer, causing a heap buffer overflow. https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-01-2/ Resolution: update net-libs/mbedtls to 2.28.7 and 3.5.2.
Created mbedtls tracking bugs for this issue: Affects: epel-all [bug 2261599] Affects: fedora-all [bug 2261600]