VIR Vulnerability Intelligence Relay

CVE-2015-5291

medium
Published 2015-11-02 · Modified 2026-05-06
CVSS v3
CVSS v2
6.8
VIR risk
6.8

Description

Heap-based buffer overflow in PolarSSL 1.x before 1.2.17 and ARM mbed TLS (formerly PolarSSL) 1.3.x before 1.3.14 and 2.x before 2.1.2 allows remote SSL servers to cause a denial of service (client crash) and possibly execute arbitrary code via a long hostname to the server name indication (SNI) extension, which is not properly handled when creating a ClientHello message. NOTE: this identifier has been SPLIT per ADT3 due to different affected version ranges. See CVE-2015-8036 for the session ticket issue that was introduced in 1.3.0.

Predictions

Exploit likelihood
20%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2015-5291

vendor Authored 2026-05-27

Vendor advisory: secalert@redhat.com — https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2015-01

OS impact
OSVersionStatusFixed in
debian debianbookwormfixed0
debian debianbullseyefixed0
debian debianforkyfixed0
debian debiansidfixed0
debian debiantrixiefixed0
debian debian7.0affected
debian debian8.0affected
suse suse42.1affected
suse suse13.2affected
fedora fedora21affected
fedora fedora22affected
fedora fedora23affected

Application impact
VendorProductVersionsFixed
armmbed_tls{"startIncluding":"1.3.0","endExcluding":"1.3.14"}1.3.14
polarsslpolarssl{"startIncluding":"1.0.0","endExcluding":"1.2.17"}1.2.17

References

CWEs

CWE-119

Verify integrity in audit chain (admin only). AS-IS.