Mbed TLS: Multiple Vulnerabilities

Mbed TLS: Multiple Vulnerabilities Multiple vulnerabilities have been discovered in Mbed TLS, the worst of which could lead to information disclosure or denial of service. mbedtls 2024-09-22 2024-09-22 886001 923279 local and remote 2.28.7 2.28.7

Mbed TLS (previously PolarSSL) is an “easy to understand, use, integrate and expand” implementation of the TLS and SSL protocols and the respective cryptographic algorithms and support code required.

Multiple vulnerabilities have been discovered in Mbed TLS. Please review the CVE identifiers referenced below for details.

Please review the referenced CVE identifiers for details.

There is no known workaround at this time.

All Mbed TLS users should upgrade to the latest version:


          # emerge --sync
          # emerge --ask --oneshot --verbose ">=net-libs/mbedtls-2.28.7"

CVE-2022-46392 CVE-2022-46393 CVE-2023-43615 CVE-2023-45199 CVE-2024-23170 CVE-2024-23775 graaff graaff