Ubuntu 24.04 LTS mbedtls Critical Denial of Service USN-8123-1

March 25, 2026
Several security flaws in mbedtls require urgent attention for Ubuntu 18.04 LTS and later. Immediate updates are crucial.

Summary

Several security issues were fixed in mbedtls.

Software Description:

- mbedtls: Lightweight crypto and SSL/TLS library

Details:

It was discovered that Mbed TLS incorrectly handled memory allocation failures. A remote attacker could possibly use this issue to crash the program. This issue only affected Ubuntu 18.04 LTS and Ubuntu 20.04 LTS. (CVE-2021-44732)

Jonathan Winzig discovered that Mbed TLS incorrectly handled crafted inputs. A remote attacker could possibly use this issue to crash the program, resulting in a denial of service. This issue only affected Ubuntu 18.04 LTS, Ubuntu 20.04 LTS, Ubuntu 22.04 LTS. (CVE-2024-23775)

It was discovered that Mbed TLS incorrectly handled the TLS handshake. A remote attacker could possibly use this issue to break the security guarantees of the TLS handshake. (CVE-2025-27810)

Linh Le and Ngan Nguyen discovered that Mbed TLS incorrectly documented the behavior of a function. Application code relying on the documented behavior might be af...

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 24.04 LTS
  libmbedcrypto7t64               2.28.8-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libmbedtls-dev                  2.28.8-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libmbedtls14t64                 2.28.8-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libmbedx509-1t64                2.28.8-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 22.04 LTS
  libmbedcrypto7                  2.28.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libmbedtls-dev                  2.28.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libmbedtls14                    2.28.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libmbedx509-1                   2.28.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

Ubuntu 20.04 LTS
  libmbedcrypto3                  2.16.4-1ubuntu2+esm1
                                  Available with Ubuntu Pro
  libmbedtls-dev                  2.16.4-1ubuntu2+esm1
                                  Available with Ubuntu Pro
  libmbedtls12                    2.16.4-1ubuntu2+esm1
                                  Available with Ubuntu Pro
  libmbedx509-0                   2.16.4-1ubuntu2+esm1
                                  Available with Ubuntu Pro

Ubuntu 18.04 LTS
  libmbedcrypto1                  2.8.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libmbedtls-dev                  2.8.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libmbedtls10                    2.8.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro
  libmbedx509-0                   2.8.0-1ubuntu0.1~esm1
                                  Available with Ubuntu Pro

In general, a standard system update will make all the necessary changes.

References

https://ubuntu.com/security/notices/USN-8123-1

CVE-2021-44732, CVE-2024-23775, CVE-2025-27810, CVE-2025-47917, CVE-2025-48965, CVE-2025-52496, CVE-2025-52497

Severity
critical

Ubuntu Security Notice USN-8123-1
