Buffer Overflow Affecting mbedtls package, versions [,2.28.8)[3.0.0,3.5.0)


Severity

high

CVSS assessment by Snyk's Security Team.

Threat Intelligence

EPSS
0.31% (54th percentile)

  • Snyk ID: SNYK-CONAN-MBEDTLS-10077657
  • published: 8 May 2025
  • disclosed: 7 Oct 2023
  • credit: Unknown

Introduced: 7 Oct 2023

CVE-2023-43615
CWE-120

How to fix?

Upgrade mbedtls to version 2.28.8, 3.5.0 or higher.

Overview

Affected versions of this package are vulnerable to Buffer Overflow when processing certain data. An attacker can cause a buffer overflow by sending specially crafted input.

Workaround

The vulnerability is not present in the default build of Mbed TLS. It is only present if the compile-time configuration enables the vulnerable cipher suites. If you use a custom configuration and you want to check that the vulnerable cipher suites are not included in your build:

  1. In Mbed TLS 3.x or 2.28, make sure that MBEDTLS_CIPHER_NULL_CIPHER is not enabled.

  2. In Mbed TLS 2.28, also make sure that MBEDTLS_REMOVE_ARC4_CIPHERSUITES is enabled, or that MBEDTLS_ARC4_C is not enabled.

If the vulnerable cipher suites are enabled at compile time, they can be disabled at run time by calling mbedtls_ssl_conf_ciphersuites() with a list that does not include null-cipher or RC4 cipher suites. Alternatively, call mbedtls_ssl_conf_ciphersuites_for_version() for all affected protocol versions (SSLv3, TLS 1.0, TLS 1.1, TLS 1.2).
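The run-time workaround above, sketched as an added example (not Snyk's or the Mbed TLS project's code): it builds a zero-terminated allow-list without null-cipher or RC4 suites. The names filter_ciphersuites, suite_name_fn and sample_name are hypothetical, the lookup table is constructed sample data, and matching on "-NULL-" / "-RC4-" in the suite name is an assumption about the naming convention.

```c
#include <stddef.h>
#include <string.h>
/* Same shape as mbedtls_ssl_get_ciphersuite_name(): ID -> name, or NULL. */
typedef const char *(*suite_name_fn)(int id);

/* Assumed naming: "-NULL-" / "-RC4-" in the name; unknown IDs fail closed. */
static int suite_is_allowed(const char *name)
{
    return name && !strstr(name, "-NULL-") && !strstr(name, "-RC4-");
}

/* Copy the allowed IDs from zero-terminated `in` to `out`, zero-terminated.
 * Returns the count kept; 0 means no usable list (empty, or `out` too small). */
size_t filter_ciphersuites(const int *in, suite_name_fn name_of,
                           int *out, size_t out_len)
{
    size_t n = 0;
    if (!in || !name_of || !out || out_len == 0) return 0;
    for (; *in != 0; in++) {
        if (!suite_is_allowed(name_of(*in)))
            continue;
        if (n + 1 >= out_len) {      /* keep room for the terminator */
            out[0] = 0;
            return 0;
        }
        out[n++] = *in;
    }
    out[n] = 0;
    return n;
}

/* Constructed sample table standing in for the library's name lookup. */
static const char *sample_name(int id)
{
    switch (id) {
    case 0x0002: return "TLS-RSA-WITH-NULL-SHA";
    case 0x0005: return "TLS-RSA-WITH-RC4-128-SHA";
    case 0x0035: return "TLS-RSA-WITH-AES-256-CBC-SHA";
    case 0xC02F: return "TLS-ECDHE-RSA-WITH-AES-128-GCM-SHA256";
    default:     return NULL;
    }
}

int main(void)
{
    static const int offered[] = { 0xC02F, 0x0002, 0x0005, 0x0035, 0 };
    static int allowed[8];  /* static: Mbed TLS keeps the pointer, no copy */
    return filter_ciphersuites(offered, sample_name, allowed, 8) == 2 ? 0 : 1;
}
```

In an application, pass mbedtls_ssl_list_ciphersuites() as `in` and mbedtls_ssl_get_ciphersuite_name as `name_of`, and hand the result to mbedtls_ssl_conf_ciphersuites() only when the return value is non-zero. The output array must stay valid for the lifetime of the SSL configuration.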

Note:

Applications that only accept TLS 1.3 are not affected.

The vulnerability only affects data records after a successful handshake, so if your TLS endpoint requires authentication, it can only be exploited by an authenticated client. Also, a firewall that prevents the negotiation of null-cipher or RC4 cipher suites will prevent the vulnerability from being exploited by traffic that goes through the firewall.
