ARM mbedTLS version 2.7.0 and earlier contains a Ciphersuite Allows Incorrectly Signed Certificates vulnerability in mbedtls_ssl_get_verify_result() that can result in ECDSA-signed certificates are accepted, when only RSA-signed ones should be.. This attack appear to be exploitable via Peers negotiate a TLS-ECDH-RSA-* ciphersuite. Any of the peers can then provide an ECDSA-signed certificate, when only an RSA-signed one should be accepted..
Weakness
The product does not validate, or incorrectly validates, a certificate.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Mbed_tls | Arm | * | 2.7.0 (including) |
| Mbedtls | Ubuntu | artful | * |
| Mbedtls | Ubuntu | bionic | * |
| Mbedtls | Ubuntu | cosmic | * |
| Mbedtls | Ubuntu | devel | * |
| Mbedtls | Ubuntu | disco | * |
| Mbedtls | Ubuntu | eoan | * |
| Mbedtls | Ubuntu | esm-apps/bionic | * |
| Mbedtls | Ubuntu | esm-apps/focal | * |
| Mbedtls | Ubuntu | esm-apps/jammy | * |
| Mbedtls | Ubuntu | esm-apps/noble | * |
| Mbedtls | Ubuntu | esm-apps/xenial | * |
| Mbedtls | Ubuntu | focal | * |
| Mbedtls | Ubuntu | groovy | * |
| Mbedtls | Ubuntu | hirsute | * |
| Mbedtls | Ubuntu | impish | * |
| Mbedtls | Ubuntu | jammy | * |
| Mbedtls | Ubuntu | kinetic | * |
| Mbedtls | Ubuntu | lunar | * |
| Mbedtls | Ubuntu | mantic | * |
| Mbedtls | Ubuntu | noble | * |
| Mbedtls | Ubuntu | oracular | * |
| Mbedtls | Ubuntu | plucky | * |
| Mbedtls | Ubuntu | questing | * |
| Mbedtls | Ubuntu | upstream | * |
| Mbedtls | Ubuntu | xenial | * |