PT-2025-30212 · Mbed Tls+3

Published 2025-01-01 · Updated 2026-05-05 · CVE-2025-47917

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: mbedtls versions prior to 3.6.4

Description: The software contains a use-after-free issue in the `mbedtls_x509_string_to_names()` function. The function frees a pointer that the calling application code may still be using, which can lead to a use-after-free or a double free. The sample programs `cert_write` and `cert_req` are affected when the Subject Alternative Name (SAN) string contains more than one Distinguished Name (DN).

Recommendations: Update to mbedtls version 3.6.4 or later.

Weakness Enumeration

Use After Free

Related Identifiers

BDU:2025-09513
CVE-2025-47917
DLA-4274-1
DLA-4274-2
USN-8123-1

Affected Products

Debian
Linuxmint
Ubuntu
Mbed Tls