mirror of
https://github.com/Mbed-TLS/mbedtls.git
synced 2026-03-20 19:21:09 +01:00
6 lines
252 B
Plaintext
6 lines
252 B
Plaintext
Security
|
|
* In psa_aead_generate_nonce(), do not read back from the output buffer.
|
|
This fixes a potential policy bypass or decryption oracle vulnerability
|
|
if the output buffer is in memory that is shared with an untrusted
|
|
application.
|