Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2025-47917

Good to know:

icon

Date: July 19, 2025

Mbed TLS before 3.6.4 allows a use-after-free in certain situations of applications that are developed in accordance with the documentation. The function mbedtls_x509_string_to_names() takes a head argument that is documented as an output argument. The documentation does not suggest that the function will free that pointer; however, the function does call mbedtls_asn1_free_named_data_list() on that argument, which performs a deep free(). As a result, application code that uses this function (relying only on documented behavior) is likely to still hold pointers to the memory blocks that were freed, resulting in a high risk of use-after-free or double-free. In particular, the two sample programs x509/cert_write and x509/cert_req are affected (use-after-free if the san string contains more than one DN).

Severity Score

Related Resources (6)

https://github.com/Mbed-TLS/mbedtls-docs/blob/main/security-advisories/mbedtls-security-advisory-2025-06-7.md
https://security.alpinelinux.org/vuln/CVE-2025-47917
https://security-tracker.debian.org/tracker/CVE-2025-47917
https://nvd.nist.gov/vuln/detail/CVE-2025-47917
https://mbed-tls.readthedocs.io/en/latest/tech-updates/security-advisories/
https://www.mend.io/vulnerability-database/CVE-2025-47917

Severity Score

Weakness Type (CWE)

Use After Free

CWE-416

Top Fix

icon

Upgrade Version

Upgrade to version mbedtls - 3.6.4;https://github.com/Mbed-TLS/mbedtls.git - v3.6.4

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): HIGH
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): CHANGED
Confidentiality (C): LOW
Integrity (I): HIGH
Availability (A): HIGH

Do you need more information?

Contact Us