CVE-2025-52496

Name of the Vulnerable Software and Affected Versions: Mbed TLS versions prior to 3.6.4

Description: The issue is related to a race condition in AESNI detection that can occur under certain compiler optimizations. This could potentially allow an attacker to extract an AES key from a multithreaded program or perform a GCM forgery.

Recommendations: For versions prior to 3.6.4, update to version 3.6.4 or later to resolve the issue. As a temporary workaround, consider disabling multithreading in applications that use Mbed TLS until a patch is applied. Restrict access to sensitive data handled by Mbed TLS to minimize the risk of exploitation.