Out-of-bounds read in mbedtls_lms_import_public_key()
Title |
Out-of-bounds read in mbedtls_lms_import_public_key() |
|---|---|
CVE |
CVE-2025-49601 |
Date |
2025-06-30 |
Affects |
Mbed TLS 3.3.0 through 3.6.3 |
Not affected |
Mbed TLS 3.6.4 and later 3.6 versions and upcoming TF-PSA-Crypto 1.0 and later versions |
Impact |
Denial of service and possible information disclosure |
Severity |
MEDIUM |
Credits |
Found and reported by Linh Le and Ngan Nguyen from Calif. |
Vulnerability
An LMS public key starts with a 4-byte type indicator. The function mbedtls_lms_import_public_key()
reads this type indicator before validating the size of its input.
If a public key is shorted than 4 bytes, the function performs a buffer overread of up to 4 bytes, resulting in undefined behavior. In practice this can only cause a crash and, at most, leak whether those four bytes match a fixed value. No arbitrary code execution is possible.
Impact
Denial of service and possible information disclosure of a few bytes of adjacent memory. No arbitrary code execution or large‐scale memory disclosure is possible.
Affected versions
Mbed TLS 3.3.0 through 3.6.3
Resolution
Affected users should upgrade to Mbed TLS 3.6.4 or upcoming TF-PSA-Crypto 1.0 or later.
Work-around
Validate that the key provided to mbedtls_lms_import_public_key() is at least 4 bytes long.