yuzu-early/externals/mbedtls/ChangeLog.d/mpi_sub_abs.txt
2021-03-06 01:41:47 +01:00

8 lines
423 B
Plaintext
Executable File

Security
* Fix a buffer overflow in mbedtls_mpi_sub_abs() when calculating
|A| - |B| where |B| is larger than |A| and has more limbs (so the
function should return MBEDTLS_ERR_MPI_NEGATIVE_VALUE). Only
applications calling mbedtls_mpi_sub_abs() directly are affected:
all calls inside the library were safe since this function is
only called with |A| >= |B|. Reported by Guido Vranken in #4042.