CVE-2015-5291

Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long hostname to the server name indication (SNI) extension, which is not properly handled when creating a ClientHello message.  NOTE: this identifier has been SPLIT per ADT3 due to different affected version ranges. See CVE-2015-8036 for the session ticket issue that was introduced in 1.3.0.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
6.8 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:P/I:P/A:P
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
armmbed_tls
1.3.0 ≤
𝑥
< 1.3.14
armmbed_tls
2.0.0 ≤
𝑥
< 2.1.2
polarsslpolarssl
1.0.0 ≤
𝑥
< 1.2.17
debiandebian_linux
7.0
debiandebian_linux
8.0
opensuseleap
42.1
opensuseopensuse
13.2
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
mbedtls
bullseye
2.16.9-0.1
fixed
bookworm
2.28.3-1
fixed
trixie
2.28.8-1
fixed
sid
3.6.2-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mbedtls
disco
not-affected
cosmic
not-affected
bionic
not-affected
artful
not-affected
zesty
not-affected
yakkety
not-affected
xenial
not-affected
wily
dne
trusty
dne
precise
dne
polarssl
disco
dne
cosmic
dne
bionic
dne
artful
dne
zesty
dne
yakkety
dne
xenial
dne
wily
Fixed 1.3.9-2.1+deb8u1
released
vivid
ignored
trusty
dne
precise
ignored