An issue was discovered in Mbed TLS 3.x before 3.6.6. An out-of-bounds read vulnerability in mbedtls_ccm_finish() in library/ccm.c allows attackers to obtain adjacent CCM context data via invocation of the multipart CCM API with an oversized tag_len parameter. This is caused by missing validation of the tag_len parameter against the size of the internal 16-byte authentication buffer. The issue affects the public multipart CCM API in Mbed TLS 3.x, where mbedtls_ccm_finish() can be invoked directly by applications. In Mbed TLS 4.x versions prior to the fix, the same missing validation exists in the internal implementation; however, the function is not exposed as part of the public API. Exploitation requires application-level invocation of the multipart CCM API.
2.1.2-12.2.0-12.2.1-12.2.1-22.2.1-2ubuntu0.12.2.1-2ubuntu0.22.2.1-2ubuntu0.33.6.2-3ubuntu12.5.1-1ubuntu12.6.0-12.7.0-22.8.0-12.8.0-1ubuntu0.1~esm12.16.2-12.16.3-12.16.4-1ubuntu22.16.4-1ubuntu2+esm12.16.11-0.1ubuntu12.16.11-0.32.16.9-0.1ubuntu12.28.0-12.28.0-1build12.28.0-1ubuntu0.1~esm12.28.3-12.28.6-1ubuntu12.28.7-1.1ubuntu12.28.7-1ubuntu12.28.8-12.28.8-1ubuntu0.1~esm1Exploitability
AV:NAC:LPR:NUI:NScope
S:UImpact
C:HI:NA:NCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N