CVE-2024-30166

In Mbed TLS 3.3.0 through 3.5.2 before 3.6.0, a malicious client can cause information disclosure or a denial of service because of a stack buffer over-read (of less than 256 bytes) in a TLS 1.3 server via a TLS 3.1 ClientHello.

CVSS v3 9.1 CRITICAL

9.1^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.2

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0	Release Notes
https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/	Vendor Advisory
https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0	Release Notes
https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/	Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*

History

27 Jun 2025, 17:46

Type	Values Removed	Values Added
CPE		cpe:2.3:a:arm:mbed_tls::::::::
References	~~() https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0 -~~	() https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0 - Release Notes
References	~~() https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/ -~~	() https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/ - Vendor Advisory
First Time		Arm Arm mbed Tls

21 Nov 2024, 09:11

Type	Values Removed	Values Added
References	~~() https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0 -~~	() https://github.com/Mbed-TLS/mbedtls/releases/tag/v3.6.0 -
References	~~() https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/ -~~	() https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/ -

01 Aug 2024, 15:35

Type	Values Removed	Values Added
CWE		CWE-121
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 9.1

03 Apr 2024, 12:38

Type	Values Removed	Values Added
Summary		(es) En Mbed TLS 3.3.0 hasta 3.5.2 anterior a 3.6.0, un cliente malintencionado puede provocar la divulgación de información o una denegación de servicio debido a una sobrelectura del búfer de pila (de menos de 256 bytes) en un servidor TLS 1.3 a través de un TLS. 3.1 ClientHello.

03 Apr 2024, 03:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2024-04-03 03:15

Updated : 2025-06-27 17:46

NVD link : CVE-2024-30166

Mitre link : CVE-2024-30166

CVE.ORG link : CVE-2024-30166

JSON object : View

Products Affected

arm

mbed_tls

CWE

CWE-121

Stack-based Buffer Overflow

9.1 /10