Security vulnerabilities and automated fixes for mbedtls issues
1 post found
A critical buffer overflow vulnerability was discovered in `helpers/src/edhoc_cipher_suite_2.c` within the EDHOC cipher suite 2 implementation. The `mbedtls_ecp_decompress()` function used `raw_key_len` to copy a compressed peer public key into a fixed-size buffer without first verifying that the key length fit within the destination. An attacker sending a crafted EDHOC message with an oversized compressed key could exploit this to corrupt adjacent memory, potentially achieving remote code execu