Mbed TLS Race Condition Vulnerability in AESNI Detection Allowing Key Extraction or GCM Forgery

Vulnerability

Mbed TLS versions before 3.6.4 contain a race condition in the run-time detection of AES-NI (AESNI) support. The race is exposed by certain compiler optimizations, so whether a given build is affected depends on the compiler and flags used, not only on the Mbed TLS version. In a multithreaded program, an attacker may exploit the race to extract an AES key from the process or to forge GCM (Galois/Counter Mode) authentication tags.
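The class of race involved, as an added example in C that is not Mbed TLS's code: a lazily cached run-time feature probe written in the common "done flag plus result" style, beside a version that publishes the result with a single atomic release store. probe_cpu() is a constructed stand-in for CPUID so the file builds on any architecture, and the feature-bit names, the DETECTED_BIT encoding and the helper functions are assumptions for illustration.

```c
/* Added example: a lazily cached CPU feature probe, racy vs. race-free.
 * Not Mbed TLS's code. probe_cpu() is a constructed stand-in for CPUID. */
#include <pthread.h>
#include <stdatomic.h>
#include <stdio.h>

#define FEAT_AESNI  (1u << 0)   /* assumed bit layout for illustration */
#define FEAT_CLMUL  (1u << 1)   /* carry-less multiply, used by GCM's GHASH */

/* Constructed probe: pretend the CPU reports both features. Idempotent,
 * like CPUID, so running it twice is harmless. */
static unsigned probe_cpu(void) { return FEAT_AESNI | FEAT_CLMUL; }

/* RACY: two plain statics. Nothing orders the store to racy_feats before
 * the store to racy_done, so the compiler or CPU may commit racy_done = 1
 * first. A second thread can then observe racy_done == 1 while racy_feats
 * is still 0 and take the software path, while the probing thread takes
 * the hardware one. The window is tiny, which is why it survives testing. */
static int racy_done = 0;
static unsigned racy_feats = 0;
static int racy_has_support(unsigned what)
{
    if (!racy_done) {
        racy_feats = probe_cpu();
        racy_done = 1;
    }
    return (racy_feats & what) != 0;
}

/* FIXED: one atomic word carries both "detected" and the feature bits.
 * It is published with a single release store and read with an acquire
 * load, so a reader either sees the complete result or runs the probe
 * itself; it can never see the detected bit without the feature bits. */
#define DETECTED_BIT (1u << 31)
static _Atomic unsigned safe_feats = 0;
static int safe_has_support(unsigned what)
{
    unsigned v = atomic_load_explicit(&safe_feats, memory_order_acquire);
    if (!(v & DETECTED_BIT)) {
        v = probe_cpu() | DETECTED_BIT;
        atomic_store_explicit(&safe_feats, v, memory_order_release);
    }
    return (v & what) != 0;
}

/* Stress the race-free path from several threads; each thread counts
 * readings that disagree with what the probe reports. */
#define NTHREADS 8
#define ITERS    100000
static void *worker(void *arg)
{
    unsigned *mismatches = arg;
    for (int i = 0; i < ITERS; i++) {
        if (!safe_has_support(FEAT_AESNI)) {
            (*mismatches)++;
        }
    }
    return NULL;
}

int main(void)
{
    pthread_t th[NTHREADS];
    unsigned miss[NTHREADS] = { 0 };
    for (int i = 0; i < NTHREADS; i++) {
        pthread_create(&th[i], NULL, worker, &miss[i]);
    }
    unsigned total = 0;
    for (int i = 0; i < NTHREADS; i++) {
        pthread_join(th[i], NULL);
        total += miss[i];
    }
    printf("racy path: AES-NI=%d, atomic path: AES-NI=%d\n",
           racy_has_support(FEAT_AESNI), safe_has_support(FEAT_AESNI));
    printf("%d threads x %d calls: %u readings disagreed with the probe\n",
           NTHREADS, ITERS, total);
    return total != 0;
}
```

The property that matters in the fixed version is that the "detected" marker and the feature bits are written in one store: a reader can observe the old word or the new word, never a half-published state. Checking the racy version with a stress loop like the one above will almost never show the bug, because the window between its two stores is a handful of instructions; reasoning about the memory ordering, or running the code under a race detector, is what exposes it. Whether a thread that falls onto the software path while another uses the hardware path leaks key material depends on how the two paths lay out and consume the key schedule, which is the part this page reports as exploitable.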

Impact

Successful exploitation could expose an AES key held by a multithreaded process, or let an attacker produce GCM tags that the receiver accepts, breaking both the confidentiality and the authenticity that AES-GCM is relied on for. Only programs that use Mbed TLS's AES from more than one thread, built with AES-NI support and an optimizing compiler that exposes the race, are in scope; upgrading to Mbed TLS 3.6.4 or later removes the race.

Added: Jul 4, 2025, 4:15 PM
Updated: Jul 4, 2025, 4:15 PM

Vulnerability Rating

Custom Algorithm

spread          8.6
impact          2.5
exploitability  6.2
remediation     7.7
relevance       0.2
threat          0.0
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.