mirror of
https://github.com/yuzu-emu/mbedtls.git
synced 2024-11-23 06:25:45 +01:00
d61551c017
Signed-off-by: Gilles Peskine <Gilles.Peskine@arm.com>
7 lines
372 B
Plaintext
7 lines
372 B
Plaintext
Security
|
|
* Zeroize several intermediate variables used to calculate the expected
|
|
value when verifying a MAC or AEAD tag. This hardens the library in
|
|
case the value leaks through a memory disclosure vulnerability. For
|
|
example, a memory disclosure vulnerability could have allowed a
|
|
man-in-the-middle to inject fake ciphertext into a DTLS connection.
|