CVE-2024-28960

CVSS 8.2 HIGH

📋 TL;DR

The PSA Crypto API in Mbed TLS and Mbed Crypto mishandles buffers that sit in memory shared with the caller. When PSA Crypto serves a less-trusted caller across a security boundary (for example a secure-partition crypto service with the application in another domain), that caller can modify an input or output buffer while the operation is still running, and the crypto code can then read or write outside the intended bounds. The result is disclosure of sensitive cryptographic data or a crash (denial of service). Applications that link Mbed TLS into a single address space contain the affected code but have no untrusted caller to race, so the practical exposure is in service-style deployments.

💻 Affected Systems

Products:
  • Mbed TLS
  • Mbed Crypto
Versions: Mbed TLS 2.18.0 through 2.28.x before 2.28.8, and Mbed TLS 3.x before 3.6.0; Mbed Crypto (the former standalone crypto library, since merged back into Mbed TLS) has no fixed release
Operating Systems: Any platform; the library is portable C and affected builds include bare-metal firmware and secure-partition images with no general-purpose OS
Default Config Vulnerable: ⚠️ Yes (MBEDTLS_PSA_CRYPTO_C is enabled in the default configuration, so the affected code is compiled in unless explicitly removed)
Notes: Only affects systems using PSA Crypto API functionality. Systems using only the legacy API are not affected. Exposure in practice requires PSA Crypto to be serving a caller in another security domain through shared memory; an application that links Mbed TLS into its own address space gives an attacker nothing to race.

📦 What is this software?

Mbed TLS is a C library, originally from ARM and now maintained under the Trusted Firmware project, that implements TLS/DTLS, X.509 and a suite of cryptographic primitives with a footprint small enough for embedded and IoT devices; it is also the reference implementation of the Arm PSA Crypto API. Mbed Crypto was the cryptographic part of the library published as a separate project for a time and later merged back into Mbed TLS, which is why both names appear in this CVE.

⚠️ Risk & Real-World Impact

🔴

Worst Case

Out-of-bounds reads or writes inside the crypto implementation triggered by a malicious caller: key material or other secrets held by the service leak to the caller's domain, crypto results can be corrupted (undermining authentication that relies on them), or the service crashes and takes availability with it.

🟠

Likely Case

Information disclosure of cryptographic keys or other sensitive data from the service's memory to a less-trusted caller, which in turn enables attacks on the communications or stored data those keys protect.

🟢

If Mitigated

If caller buffers are copied into private memory before they are validated and used (the patched behaviour), or if no untrusted domain can call the service at all, the race has nothing to hit; at worst a malformed call fails or crashes the calling component.

🌐 Internet-Facing: HIGH on paper, but note where the exposure really is: a remote TLS peer never controls the buffers passed into PSA Crypto, so the rating applies to systems that let a less-trusted component call PSA Crypto through shared memory, not to a plain TLS server that links the library.
🏢 Internal Only: MEDIUM - the same condition applies; the attacker must already be able to issue PSA Crypto calls from another security domain, so what matters is who can reach that call boundary, not network reachability alone.

🎯 Exploit Status

Public PoC: ❌ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes (nothing is authenticated at the PSA call boundary, but the attacker must already run code that can call the service)
Complexity: MEDIUM

Exploitation requires the attacker to be a caller of the PSA Crypto API whose input or output buffers live in memory shared with the crypto implementation, and to rewrite a buffer in the window between the implementation's validation of it and its use of it (a time-of-check/time-of-use race). An application that links Mbed TLS directly offers no such window.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Mbed TLS 2.28.8 or 3.6.0

Vendor Advisory: https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/

Restart Required: Yes

Instructions:

1. Identify the Mbed TLS version in use (MBEDTLS_VERSION_STRING in include/mbedtls/build_info.h for 3.x, include/mbedtls/version.h for 2.x).
2. Update to Mbed TLS 2.28.8 (2.28 LTS branch) or 3.6.0.
3. Rebuild every application or firmware image that links the library; Mbed TLS is usually linked statically, so updating the library alone changes nothing until its consumers are rebuilt.
4. Redeploy and restart the affected services, or reflash the affected devices.

🔧 Temporary Workarounds

Disable PSA Crypto API

Platform: all

If the PSA Crypto API is not required, remove it from the build so the affected code path is not compiled in. Use the project's configuration script rather than a compiler flag: passing -DMBEDTLS_PSA_CRYPTO_C=OFF to the compiler defines the macro (to the token OFF) and therefore enables the feature instead of disabling it.

python3 scripts/config.py unset MBEDTLS_USE_PSA_CRYPTO
python3 scripts/config.py unset MBEDTLS_PSA_CRYPTO_C

then rebuild. Caveat: this is not an option for Mbed TLS 3.x builds that use TLS 1.3 (MBEDTLS_SSL_PROTO_TLS1_3 requires MBEDTLS_PSA_CRYPTO_C), nor for any deployment whose purpose is to provide PSA Crypto to other components.

🧯 If You Can't Patch

  • Keep untrusted callers away from the PSA Crypto call boundary: only components you trust should be able to invoke the crypto service; network segmentation helps only insofar as it limits who can reach those components
  • At the service boundary, never operate on buffers the caller can still write to: copy each input into memory the caller cannot reach before calling into PSA Crypto, and copy outputs back only after the call returns
  • Monitor for unusual memory access patterns or cryptographic operation failures in the component hosting PSA Crypto
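The copy-at-the-boundary mitigation, shown as an added toy in C written for this page (not code from Mbed TLS or the PSA specification): a "service" that reads a length byte from a caller-owned buffer, first in the vulnerable double-fetch form and then in the hardened form that copies the caller's buffer into private memory before validating and using it. The race window is modelled with a callback standing in for a concurrent caller so the outcome is deterministic; the buffer sizes, lengths and payload bytes are constructed for the demo, and the harness backs each buffer with more memory than the service is told about so the overflow can be measured instead of corrupting the stack.

```c
/* Added example, not Mbed TLS code: a toy crypto "service" reading a
 * caller-owned buffer in shared memory, vulnerable vs. hardened. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define IN_LEN   32   /* input length the service is told about */
#define OUT_CAP  8    /* output capacity the service is told about */
#define BACKING  256  /* real size of the harness buffers (constructed) */

/* Stands in for a concurrently running caller that rewrites shared memory
 * between the service's check of the data and its use of it. */
typedef void (*race_hook_t)(uint8_t *shared_in);

/* Vulnerable: the length byte is fetched from shared memory once to
 * validate it and again to act on it, so a caller can change it between
 * the two fetches (time-of-check/time-of-use). */
int service_vulnerable(uint8_t *shared_in, size_t in_len,
                       uint8_t *out, size_t out_cap, race_hook_t race)
{
    if (in_len < 1) return -1;
    size_t n = shared_in[0];                      /* fetch #1: validated */
    if (n > in_len - 1 || n > out_cap) return -2;
    if (race) race(shared_in);                    /* caller rewrites the byte */
    memcpy(out, shared_in + 1, shared_in[0]);     /* fetch #2: used unchecked */
    return (int)shared_in[0];
}

/* Hardened: copy the caller's buffer into memory the caller cannot touch,
 * then validate and use only the private copy. The same pattern (copying
 * caller buffers at the PSA boundary) is what the fixed releases do. */
int service_hardened(uint8_t *shared_in, size_t in_len,
                     uint8_t *out, size_t out_cap, race_hook_t race)
{
    uint8_t local[IN_LEN];
    if (in_len < 1 || in_len > sizeof local) return -1;
    memcpy(local, shared_in, in_len);             /* single read of shared memory */
    size_t n = local[0];
    if (n > in_len - 1 || n > out_cap) return -2;
    if (race) race(shared_in);                    /* too late: we no longer read it */
    memcpy(out, local + 1, n);
    return (int)n;
}

/* Hypothetical malicious caller: inflates the length after validation. */
static void racing_caller(uint8_t *shared_in) { shared_in[0] = 100; }

/* Runs one call against the racing caller and returns how many bytes were
 * written past the capacity the service was told about (0 = no overflow). */
size_t overflow_bytes(int use_hardened)
{
    static uint8_t shared_in[BACKING];
    static uint8_t out[BACKING];
    memset(shared_in, 0x11, sizeof shared_in);    /* constructed payload bytes */
    shared_in[0] = 4;                             /* honest length at check time */
    memset(out, 0xAA, sizeof out);                /* canary fill past OUT_CAP */
    if (use_hardened)
        service_hardened(shared_in, IN_LEN, out, OUT_CAP, racing_caller);
    else
        service_vulnerable(shared_in, IN_LEN, out, OUT_CAP, racing_caller);
    size_t spilled = 0;
    for (size_t i = OUT_CAP; i < sizeof out; i++)
        if (out[i] != 0xAA) spilled++;
    return spilled;
}

int main(void)
{
    printf("vulnerable service: %zu bytes written past out_cap\n", overflow_bytes(0));
    printf("hardened service:   %zu bytes written past out_cap\n", overflow_bytes(1));
    return 0;
}
```

Build with `cc -std=c99 -Wall example.c`. The point to carry over to a real service is the single `memcpy` out of shared memory in the hardened path: once validation and use both operate on a private copy, nothing the caller does to the shared buffer after that copy can change the outcome, which is exactly why the fixed Mbed TLS releases copy caller buffers by default.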

🔍 How to Verify

Check if Vulnerable:

Check the Mbed TLS version and whether PSA Crypto is compiled in. Vulnerable if using Mbed TLS 2.18.0 to 2.28.7 or 3.0.0 to 3.5.x with MBEDTLS_PSA_CRYPTO_C enabled (it is enabled in the default configuration; check the configuration header actually used by the build, including any custom MBEDTLS_CONFIG_FILE).

Check Version:

Source tree: grep MBEDTLS_VERSION_STRING in include/mbedtls/build_info.h (3.x) or include/mbedtls/version.h (2.x). Built library: strings /path/to/libmbedcrypto.so | grep -iE '^mbed tls [0-9]' (the full version string lives in the crypto library). At run time, mbedtls_version_get_string_full() returns the same string and mbedtls_version_check_feature("MBEDTLS_PSA_CRYPTO_C") returns 0 when PSA Crypto is compiled in.

Verify Fix Applied:

Verify that the version reported by the deployed artifact (not just the source tree) is 2.28.8 or later on the 2.28 branch, or 3.6.0 or later, and that every statically linked consumer was rebuilt against it. In 3.6.0 the fix is the default buffer-copying behaviour at the PSA boundary; a build that serves callers in another security domain must not define MBEDTLS_PSA_ASSUME_EXCLUSIVE_BUFFERS, since that option switches the copying off again.
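The version check above, as an added POSIX shell script written for this page (not a tool shipped with Mbed TLS). It classifies a version string against the affected ranges, extracts the version from a source tree (include/mbedtls/build_info.h in 3.x, include/mbedtls/version.h in 2.x) or from the "Mbed TLS x.y.z" / "mbed TLS x.y.z" string embedded in a built library, and reads MBEDTLS_PSA_CRYPTO_C from the stock configuration header. It assumes the stock header is the one in effect; a build that sets MBEDTLS_CONFIG_FILE needs that file checked instead.

```sh
#!/bin/sh
# Added example, not Mbed TLS code: CVE-2024-28960 version/config check.

# Exit 0 when the version is in an affected range (2.18.0 <= v < 2.28.8 or
# 3.0.0 <= v < 3.6.0), 1 when not, 2 when unparseable. Accepts "2.28.7",
# "v3.5.1" and "3.6.0-rc1" (any suffix after the patch number is dropped).
mbedtls_vulnerable() {
    v=${1#v}
    oldifs=$IFS; IFS='.'; set -- $v; IFS=$oldifs
    maj=$1; min=${2:-0}; pat=${3:-0}
    [ -n "$maj" ] || return 2
    pat=${pat%%[!0-9]*}
    [ -n "$pat" ] || pat=0
    case "$maj$min$pat" in *[!0-9]*) return 2 ;; esac
    num=$((maj * 1000000 + min * 1000 + pat))
    case "$maj" in
        2) [ "$num" -ge 2018000 ] && [ "$num" -lt 2028008 ] ;;
        3) [ "$num" -lt 3006000 ] ;;
        *) return 1 ;;
    esac
}

# Print the version found in a source tree (directory) or in a built library
# (any other path, scanned with strings). Exit 1 if none is found.
mbedtls_version_of() {
    f=$1
    if [ -d "$f" ]; then
        for h in "$f/include/mbedtls/build_info.h" "$f/include/mbedtls/version.h"; do
            [ -f "$h" ] || continue
            ver=$(sed -n 's/^#define[[:space:]]*MBEDTLS_VERSION_STRING[[:space:]]*"\([0-9.]*\)".*/\1/p' "$h" | head -n 1)
            if [ -n "$ver" ]; then printf '%s\n' "$ver"; return 0; fi
        done
        return 1
    fi
    ver=$(strings "$f" 2>/dev/null | sed -n 's/^[mM]bed TLS \([0-9][0-9.]*\).*/\1/p' | head -n 1)
    [ -n "$ver" ] && printf '%s\n' "$ver"
}

# Exit 0 when the given configuration header defines MBEDTLS_PSA_CRYPTO_C
# (a commented-out "//#define" line does not count).
mbedtls_psa_enabled() {
    grep -qE '^[[:space:]]*#[[:space:]]*define[[:space:]]+MBEDTLS_PSA_CRYPTO_C([[:space:]]|$)' "$1"
}

# One-word verdict plus version for a source tree:
# "vulnerable X", "fixed X", "not-affected X" (PSA Crypto off) or "unknown".
mbedtls_check_tree() {
    tree=$1
    ver=$(mbedtls_version_of "$tree") || { echo unknown; return 0; }
    cfg=$tree/include/mbedtls/mbedtls_config.h          # 3.x location
    [ -f "$cfg" ] || cfg=$tree/include/mbedtls/config.h  # 2.x location
    if ! mbedtls_psa_enabled "$cfg" 2>/dev/null; then
        echo "not-affected $ver"
    elif mbedtls_vulnerable "$ver"; then
        echo "vulnerable $ver"
    else
        echo "fixed $ver"
    fi
}

# Usage: ./check.sh /path/to/mbedtls-tree [...]
if [ "$#" -gt 0 ]; then
    for arg in "$@"; do
        printf '%s: %s\n' "$arg" "$(mbedtls_check_tree "$arg")"
    done
fi
```

Run it against the tree your firmware or package was actually built from; for a binary-only deployment, feed the library path to mbedtls_version_of and confirm the PSA setting separately, since the configuration header is not recoverable from the binary.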

📡 Detection & Monitoring

Log Indicators:

  • Unexpected application crashes related to cryptographic operations
  • Memory access violation errors in PSA Crypto context

Network Indicators:

  • Abnormal TLS handshake failures
  • Unexpected termination of encrypted connections

SIEM Query:

Search for crashes or memory-fault events (SIGSEGV in a process hosting the crypto service, hard faults or watchdog resets on embedded targets) in the component that provides PSA Crypto, and correlate them with bursts of PSA calls from a single caller. Treat these and the TLS indicators above as low-fidelity: a successful disclosure can complete without any crash or handshake failure, so the absence of these signals does not mean the absence of exploitation.

🔗 References

  • Mbed TLS security advisories: https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/
  • NVD entry for CVE-2024-28960: https://nvd.nist.gov/vuln/detail/CVE-2024-28960
