ARM mbed TLS up to 2.7.17 LTS/2.16.8 LTS/2.24.x Diffie-Hellman Key Pair Generator mbedtls_mpi_exp_mod denial of service

A vulnerability was found in ARM mbed TLS up to 2.7.17 LTS/2.16.8 LTS/2.24.x. It has been rated as problematic. Affected by this issue is the function mbedtls_mpi_exp_mod of the component Diffie-Hellman Key Pair Generator. Upgrading to version 2.7.18 LTS, 2.16.9 LTS or 2.25.0 eliminates this vulnerability. The upgrade is hosted for download at github.com.

Common Vulnerabilityies and Exposures

Contact us to get started

CVE-2024-26622 : LINUX KERNEL UP TO 6.8-RC6 TOMOYO_WRITE_CONTROL USE AFTER FREE

CVE-2024-26622 : LINUX KERNEL UP TO 6.8-RC6 TOMOYO_WRITE_CONTROL USE AFTER FREE

Description In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since tomoyo_write_control()

CVE-2023-52479 : LINUX KERNEL UP TO 5.15.134/6.1.56/6.5.6 KSMBD SMB20_OPLOCK_BREAK_ACK USE AFTER FREE

CVE-2023-52479 : LINUX KERNEL UP TO 5.15.134/6.1.56/6.5.6 KSMBD SMB20_OPLOCK_BREAK_ACK USE AFTER FREE

Description In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix uaf in smb20_oplock_break_ack drop reference after use

CVE-2024-22459 : DELL ECS UP TO 3.6.2.5/3.7.0.6/3.8.0.4 ACCESS CONTROL

CVE-2024-22459 : DELL ECS UP TO 3.6.2.5/3.7.0.6/3.8.0.4 ACCESS CONTROL

Description Dell ECS, versions 3.6 through 3.6.2.5, and 3.7 through 3.7.0.6, and 3.8 through 3.8.0.4 versions, contain an improper access