vulnerability

Alpine Linux: CVE-2025-49601: Out-of-bounds Read

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:M/Au:N/C:P/I:N/A:P)	Jul 4, 2025	Aug 8, 2025	Dec 22, 2025

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:N/A:P)

Published

Jul 4, 2025

Added

Aug 8, 2025

Modified

Dec 22, 2025

Description

In MbedTLS 3.3.0 before 3.6.4, mbedtls_lms_import_public_key does not check that the input buffer is at least 4 bytes before reading a 32-bit field, allowing a possible out-of-bounds read on truncated input. Specifically, an out-of-bounds read in mbedtls_lms_import_public_key allows context-dependent attackers to trigger a crash or limited adjacent-memory disclosure by supplying a truncated LMS (Leighton-Micali Signature) public-key buffer under four bytes. An LMS public key starts with a 4-byte type indicator. The function mbedtls_lms_import_public_key reads this type indicator before validating the size of its input.

Solution

alpine-linux-upgrade-mbedtls

References

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today