Debian 11: mbedtls Important Use-After-Free Fix DLA-4274-2 CVE-2025-47917

debian lts

August 30, 2025

The previous update, 2.16.9-0.1+deb11u2, fixed the following security issue: CVE-2025-47917

Topics Covered

security advisory security issue debian important use-after-free mbedtls

Summary

CVE-2025-47917

MbedTLS allows use-after-free in certain situations in the correctly
developed applications.

Unfortunately, the fix was incomplete and introduced a potential regression
in other correctly developed applications.

For Debian 11 bullseye, this problem has been fixed in version
2.16.9-0.1+deb11u3.

We recommend that you upgrade your mbedtls packages.

For the detailed security status of mbedtls please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/mbedtls

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

Severity

important

Lowest

Low

Medium

High

Critical

Package: mbedtls

Version: 2.16.9-0.1+deb11u3

CVE ID: CVE-2025-47917

Topics Covered

security advisory security issue debian important use-after-free mbedtls

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Debian 11: mbedtls Important Use-After-Free Fix DLA-4274-2 CVE-2025-47917

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Debian 11: mbedtls Important Use-After-Free Fix DLA-4274-2 CVE-2025-47917

Topics Covered

Summary

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!