CVE-2018-0488
Description
ARM mbed TLS before 1.3.22, 2.1.10, and 2.7.0 has a heap corruption flaw in truncated HMAC + CBC mode, enabling remote code execution or denial of service.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Vulnerability
A heap corruption vulnerability exists in ARM mbed TLS when the truncated HMAC extension and CBC cipher mode are used together. The flaw allows a remote attacker to craft a malicious application packet within a TLS or DTLS session, causing a bounds-check bypass via an integer overflow that leads to heap corruption. Affected versions are mbed TLS before 1.3.22, before 2.1.10, and before 2.7.0 [1][2].
Exploitation
An attacker must be in a position to send a crafted application packet to a target using mbed TLS with the truncated HMAC extension and CBC enabled within a TLS or DTLS session. No prior authentication is required; the attack is remote. The specific sequence involves injecting a malicious packet that triggers an integer overflow during HMAC processing, leading to a heap buffer overflow [1].
Impact
Successful exploitation allows the attacker to achieve remote code execution with the privileges of the affected process or cause a denial of service via heap corruption. The compromise can lead to full control of the TLS session or application [1][2].
Mitigation
Fixed versions are mbed TLS 1.3.22, 2.1.10, and 2.7.0, released on or before 2018-02-13. Users should upgrade to these or later versions. For Ubuntu systems, update mbedtls per USN-4267-1 [1]; for Gentoo, upgrade to >=net-libs/mbedtls-2.7.2 [2]. No workaround is available if an upgrade cannot be applied.
AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- osv-coords (2 versions):
  - pkg:rpm/opensuse/mbedtls-2&distro=openSUSE%20Tumbleweed
  - pkg:rpm/suse/mbedtls&distro=SUSE%20Package%20Hub%2012
- (no CPE) range: < 2.27.0-1.2
- (no CPE) range: < 1.3.19-11.1
Patches
No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
- security.gentoo.org/glsa/201804-19 (mitre, vendor-advisory, x_refsource_GENTOO)
- usn.ubuntu.com/4267-1/ (mitre, vendor-advisory, x_refsource_UBUNTU)
- www.debian.org/security/2018/dsa-4138 (mitre, vendor-advisory, x_refsource_DEBIAN)
- www.debian.org/security/2018/dsa-4147 (mitre, vendor-advisory, x_refsource_DEBIAN)
- www.securityfocus.com/bid/103057 (mitre, vdb-entry, x_refsource_BID)
- tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01 (mitre, x_refsource_CONFIRM)