CVE-2024-30166
Description
Stack buffer over-read in Mbed TLS 3.3.0-3.5.2 allows a malicious client to cause information disclosure or DoS via a crafted TLS 1.3 ClientHello.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Stack buffer over-read in Mbed TLS 3.3.0-3.5.2 allows a malicious client to cause information disclosure or DoS via a crafted TLS 1.3 ClientHello.
Vulnerability
In Mbed TLS versions 3.3.0 through 3.5.2, the TLS 1.3 server code does not properly validate the protocol version field in a ClientHello message. A TLS 3.1 ClientHello (with an unusual version number) triggers a stack buffer over-read of less than 256 bytes, potentially leaking sensitive memory or causing a crash. The issue is fixed in version 3.6.0 [1].
Exploitation
An attacker can exploit this vulnerability by initiating a TLS 1.3 handshake with a server running an affected version, sending a crafted ClientHello that specifies TLS 3.1 as the protocol version. No special network position is required other than the ability to connect to the server. The over-read occurs during server-side processing of the ClientHello.
Impact
A successful exploit can result in information disclosure (leaked data from the server's stack) or denial of service due to a crash. The extent of information disclosure depends on the data on the stack near the buffer.
Mitigation
Upgrade to Mbed TLS 3.6.0 or later [1]. There are no known workarounds for affected versions.
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2- Mbed TLS/Mbed TLSdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
Root cause
"Missing bounds check in TLS 1.3 ClientHello parsing causes a stack buffer over-read when PSK key exchange mode is supported."
Attack vector
A malicious client sends a crafted TLS 1.3 ClientHello to a TLS 1.3 server that supports PSK key exchange modes. The server's parser performs a stack buffer over-read of less than 256 bytes while processing the ClientHello [ref_id=1]. This can lead to information disclosure (reading adjacent stack memory) or a denial of service (crash). The attack requires network access to the server and no prior authentication.
Affected code
The vulnerability exists in the TLS 1.3 server-side ClientHello parsing code within Mbed TLS versions 3.3.0 through 3.5.2. The advisory [ref_id=1] states the bug occurs "when parsing a TLS 1.3 ClientHello in a TLS 1.3 server supporting some PSK key exchange mode." No specific function or file names are provided in the bundle.
What the fix does
The fix is included in Mbed TLS version 3.6.0 [ref_id=1]. The release notes do not include a specific patch diff, but the advisory describes the issue as a stack buffer overread during TLS 1.3 ClientHello parsing. The remediation corrects the bounds checking in the ClientHello parser to prevent reading beyond the allocated stack buffer when handling PSK-related fields. Users are advised to update to 3.6.0 or later.
Preconditions
- configThe server must be running Mbed TLS 3.3.0 through 3.5.2 with TLS 1.3 enabled and supporting PSK key exchange modes.
- networkThe attacker must have network access to send a TLS ClientHello to the server.
- authNo authentication is required; the attack occurs during the handshake before any session is established.
Generated on May 24, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
2- mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/nvdVendor Advisory
- github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0nvdRelease Notes
News mentions
0No linked articles in our index yet.