CVE-2018-9860

Name of the Vulnerable Software and Affected Versions Botan versions 1.11.32 through 2.x before 2.6.0

Description An issue was discovered that could cause a denial of service due to an off-by-one error when processing malformed TLS-CBC ciphertext. This error leads to an over-read, including exactly 64K bytes of data following the record buffer in the HMAC computation, which will subsequently fail the MAC comparison and close the connection. No information leak occurs.

Recommendations For versions 1.11.32 through 2.x before 2.6.0, update to version 2.6.0 or later to resolve the issue.