mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2025-12-12 14:21:20 +03:00
11 lines
539 B
Plaintext
11 lines
539 B
Plaintext
Security
|
|
* Fix a bug in mbedtls_x509_string_to_names() and the
|
|
mbedtls_x509write_{crt,csr}_set_{subject,issuer}_name() functions,
|
|
where some inputs would cause an inconsistent state to be reached, causing
|
|
a NULL dereference either in the function itself, or in subsequent
|
|
users of the output structure, such as mbedtls_x509_write_names(). This
|
|
only affects applications that create (as opposed to consume) X.509
|
|
certificates, CSRs or CRLs. Found by Linh Le and Ngan Nguyen from Calif.
|
|
CVE-2025-48965
|
|
|