CVE-2024-28960

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2024-03.md", "name": "https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2024-03.md", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2024-03.md", "name": "https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2024-03.md", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5YE3QRREGJC6K34JD4LZ5P3IALNX4QYY/", "name": "FEDORA-2024-a23b5f0783", "tags": ["Third Party Advisory", "Mailing List"], "refsource": ""}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/5YE3QRREGJC6K34JD4LZ5P3IALNX4QYY/", "name": "FEDORA-2024-a23b5f0783", "tags": ["Third Party Advisory", "Mailing List"], "refsource": ""}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UZNBMKYEV2J5DI7R4BQGL472V7X3WJY/", "name": "FEDORA-2024-1249d56928", "tags": ["Third Party Advisory", "Mailing List"], "refsource": ""}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/6UZNBMKYEV2J5DI7R4BQGL472V7X3WJY/", "name": "FEDORA-2024-1249d56928", "tags": ["Third Party Advisory", "Mailing List"], "refsource": ""}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NCDU52ZDA7TX3HC5JCU6ZZIJQOPTNBK6/", "name": "FEDORA-2024-666210bd74", "tags": ["Third Party Advisory", "Mailing List"], "refsource": ""}, {"url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NCDU52ZDA7TX3HC5JCU6ZZIJQOPTNBK6/", "name": "FEDORA-2024-666210bd74", "tags": ["Third Party Advisory", "Mailing List"], "refsource": ""}, {"url": "https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/", "name": "https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/", "tags": ["Vendor Advisory"], "refsource": ""}, {"url": "https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/", "name": "https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/", "tags": ["Vendor Advisory"], "refsource": ""}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "An issue was discovered in Mbed TLS 2.18.0 through 2.28.x before 2.28.8 and 3.x before 3.6.0, and Mbed Crypto. The PSA Crypto API mishandles shared memory."}]}, "problemtype": {"problemtype_data": [{"description": []}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2024-28960", "ASSIGNER": "cve@mitre.org"}}, "impact": {}, "publishedDate": "2024-03-29T06:15Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "2.28.8", "versionStartIncluding": "2.1.8"}, {"cpe23Uri": "cpe:2.3:a:arm:mbed_tls:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndExcluding": "3.6.0", "versionStartIncluding": "3.0.0"}, {"cpe23Uri": "cpe:2.3:a:arm:mbed_crypto:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "3.1.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2025-05-28T17:42Z"}