Upstream information

CVE-2021-44732 at MITRE

Description

Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure.

SUSE information

Overall state of this security issue: Does not affect SUSE products

This issue is currently rated as having moderate severity.

SUSE Bugzilla entry: 1193922 [NEW]

No SUSE Security Announcements cross referenced.