5Eyl
CVE-2024-45158 | mbed TLS 3.6.0 mbedtls_ecdsa_der_to_raw/mbedtls_ecdsa_raw_to_der bits stack-based overflow
A vulnerability was found in mbed TLS 3.6.0. It has been rated as critical. Affected by this issue is the functionmbedtls_ecdsa_der_to_raw/mbedtls_ecdsa_raw_to_der
. The manipulation of the argument bits leads to stack-based buffer overflow.
This vulnerability is handled as CVE-2024-45158. The attack needs to be approached within the local network. There is no exploit available.
It is recommended to upgrade the affected component.