CRITICAL✓ PATCH🇵🇱 Wersja polska

CVE-2026-34875

CVSS 9.8v3.1pub. 2026-04-01upd. 2026-06-05

An issue was discovered in Mbed TLS through 3.6.5 and TF-PSA-Crypto 1.0.0. A buffer overflow can occur in public key export for FFDH keys.

🤖 AI Analysis
How it works

The vulnerability (CWE-120 — classic buffer overflow) occurs in the public key export procedure for the FFDH algorithm. During this operation, data writing exceeds the boundary of the allocated buffer in memory, which can lead to overwriting adjacent memory areas. The vulnerability is network-accessible, requires no user interaction or any privileges, making it particularly dangerous in environments using these cryptographic libraries.

Impact

An attacker may potentially gain unauthorized access to sensitive data, compromise system integrity, or cause system unavailability (respectively: High for confidentiality, integrity, and availability according to CVSS). In the worst-case scenario, remote code execution (RCE) is possible.

Mitigation & patch

Patches available from the manufacturer should be applied according to the references. Details regarding the corrected version are available in the official Arm Mbed TLS security advisory at: https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2026-03-ffdh-buffer-overflow/

Who is affected

Arm Mbed TLS in versions up to 3.6.5 inclusive and Arm TF-PSA-Crypto in version 1.0.0.

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
  • Trustedfirmware Mbed Tls

    APP
    Trustedfirmware
    3.5.0 – 3.6.6 (bez)
  • Trustedfirmware Tf Psa Crypto

    APP
    Trustedfirmware
    < 1.1.0
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
Memory
CWE
References

Related vulnerabilities

CVE-2026-34877CRITICAL9.8PL ✓ten sam produkt

RCE przez deserializację kontekstu SSL w Mbed TLS

CVE-2026-34873CRITICAL9.1PL ✓ten sam produkt

Arm Mbed TLS: podszywanie się pod klienta przy wznawianiu sesji TLS 1.3

CVE-2024-49195CRITICAL9.8PL ✓ten sam produkt

Buffer underrun w Mbed TLS podczas zapisu nieprzezroczystej pary kluczy

CVE-2024-45159CRITICAL9.8PL ✓ten sam produkt

Arm Mbed TLS: błąd weryfikacji certyfikatu klienta w TLS 1.3

CVE-2024-45158CRITICAL9.8PL ✓ten sam produkt

Stack buffer overflow w Mbed TLS – funkcje konwersji ECDSA