CVE-2025-27810

CVE-2025-27810

Name

CVE-2025-27810

Description

Mbed TLS before 2.28.10 and 3.x before 3.6.3, in some cases of failed memory allocation or hardware errors, uses uninitialized stack memory to compose the TLS Finished message, potentially leading to authentication bypasses such as replays.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
cve@mitre.org	https://github.com/Mbed-TLS/mbedtls/releases
cve@mitre.org	https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-2/

Type

URI

cve@mitre.org

https://github.com/Mbed-TLS/mbedtls/releases

cve@mitre.org

https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2025-03-2/

CPE URI	Source package	Min version	Max version
	mbedtls	>= 0	< 2.28.10
	mbedtls	>= 3.0.0	< 3.6.3

CPE URI

Source package

Min version

Max version

mbedtls

>= 0

< 2.28.10

mbedtls

>= 3.0.0

< 3.6.3

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
mbedtls	edge-main	3.6.2-r0	Natanael Copa <ncopa@alpinelinux.org>	possibly vulnerable
mbedtls	edge-main	3.6.3-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
mbedtls2	edge-community	2.28.10-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
mbedtls	3.21-main	3.6.3-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
mbedtls2	3.21-community	2.28.10-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
mbedtls	3.20-main	3.6.3-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
mbedtls	3.19-main	2.28.10-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed
mbedtls	3.18-main	2.28.10-r0	Natanael Copa <ncopa@alpinelinux.org>	fixed

Source package

Branch

Version

Maintainer

Status

mbedtls

edge-main

3.6.2-r0

Natanael Copa <ncopa@alpinelinux.org>

possibly vulnerable

mbedtls

edge-main