CVE-2024-28960
Publication date 29 March 2024
Last updated 24 July 2024
Ubuntu priority
An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory.
Status
Package | Ubuntu Release | Status |
---|---|---|
mbedtls | 24.04 LTS noble |
Needs evaluation
|
22.04 LTS jammy |
Needs evaluation
|
|
20.04 LTS focal |
Needs evaluation
|
|
18.04 LTS bionic |
Needs evaluation
|
|
16.04 LTS xenial |
Needs evaluation
|
References
Other references
- https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-03/
- https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2024-03.md
- https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/
- https://www.cve.org/CVERecord?id=CVE-2024-28960