CVE-2018-1000061

CVE: CVE-2018-1000061
Published: 2018-02-09T23:29Z
Vendor: arm
Products: mbed_tls
Versions: 2.7.0,
Description Language: en
Description: ARM mbedTLS version development branch, 2.7.0 and earlier contains a CWE-670, Incorrect condition control flow leading to incorrect return, leading to data loss vulnerability in ssl_write_real(), library/ssl_tls.c:7142 that can result in Leads to data loss, can be escalated to DoS and authorization bypass in application protocols. This attack appear to be exploitable via network connectivity.
References:
https://github.com/ARMmbed/mbedtls/issues/1356