CVE-2015-8036

Published: Nov 2, 2015Modified: May 6, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Heap-based buffer overflow in ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long session ticket name to the session ticket extension, which is not properly handled when creating a ClientHello message to resume a session. NOTE: this identifier was SPLIT from CVE-2015-5291 per ADT3 due to different affected version ranges.

Affected (7)

Products: Arm: Mbed Tls · Polarssl: Polarssl · Debian: Debian Linux · +2 more

Show all products

Arm: Mbed Tls · Polarssl: Polarssl · Debian: Debian Linux · Fedoraproject: Fedora · Opensuse: Opensuse

1 product

1 product

1 product

1 product

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Arm Mbed Tls	From 1.3.0 to 1.3.14
Arm Mbed Tls	From 2.0.0 to 2.1.2
Polarssl Polarssl	Up to 1.2.17

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 7.0
Debian Debian Linux	Version 8.0
Fedoraproject Fedora	Version 21
Opensuse Opensuse	Version 13.2

Related CWEs

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (12)

http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169625.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2016-08/msg00009.html

Source: cve@mitre.org

Mailing ListThird Party Advisory

http://www.debian.org/security/2016/dsa-3468

Source: cve@mitre.org

Mailing ListThird Party Advisory

https://guidovranken.files.wordpress.com/2015/10/cve-2015-5291.pdf

Source: cve@mitre.org

Third Party Advisory

https://guidovranken.wordpress.com/2015/10/07/cve-2015-5291/

Source: cve@mitre.org

Third Party Advisory

https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01

Source: cve@mitre.org

Vendor Advisory

http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169625.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://lists.opensuse.org/opensuse-updates/2016-08/msg00009.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://www.debian.org/security/2016/dsa-3468

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

https://guidovranken.files.wordpress.com/2015/10/cve-2015-5291.pdf

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://guidovranken.wordpress.com/2015/10/07/cve-2015-5291/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.