Wind River Support Network

HomeDefectsLIN1021-7102
Acknowledged

LIN1021-7102 : Security Advisory - mbedtls - CVE-2023-52353

Created: Jan 21, 2024    Updated: Feb 1, 2024
Found In Version: 10.21.20.1
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

An issue was discovered in Mbed TLS through 3.5.1. In mbedtls_ssl_session_reset, the maximum negotiable TLS version is mishandled. For example, if the last connection negotiated TLS 1.2, then 1.2 becomes the new maximum.

CREATE(Triage):(User=admin) CVE-2023-52353 (https://nvd.nist.gov/vuln/detail/CVE-2023-52353)
Live chat
Online
  • Linkedin
  • Facebook
  • Twitter
  • Youtube