CVE-2020-36477

Name	CVE-2020-36477
Description	An issue was discovered in Mbed TLS before 2.24.0. The verification of X.509 certificates when matching the expected common name (the cn argument of mbedtls_x509_crt_verify) with the actual certificate name is mishandled: when the subjecAltName extension is present, the expected name is compared to any name in that extension regardless of its type. This means that an attacker could impersonate a 4-byte or 16-byte domain by getting a certificate for the corresponding IPv4 or IPv6 address (this would require the attacker to control that IP address, though).
Source	CVE (at NVD; CERT, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)

Vulnerable and fixed packages

The table below lists information on source packages.

Source Package	Release	Version	Status
mbedtls (PTS)	bullseye	2.16.9-0.1	fixed
	bullseye (security)	2.16.9-0.1+deb11u3	fixed
	bookworm	2.28.3-1	fixed
	forky, sid, trixie	3.6.4-2	fixed

The information below is based on the following data on fixed versions.

Package	Type	Release	Fixed Version
mbedtls	source	experimental	2.28.0-0.1
mbedtls	source	stretch	(not affected)
mbedtls	source	buster	(not affected)
mbedtls	source	bullseye	(not affected)
mbedtls	source	(unstable)	2.28.0-0.3

Notes

[bullseye] - mbedtls <not-affected> (2.16 not affected)
[buster] - mbedtls <not-affected> (2.16 not affected)
[stretch] - mbedtls <not-affected> (2.4 not affected)
https://github.com/ARMmbed/mbedtls/issues/3498
https://github.com/ARMmbed/mbedtls/commit/f3e4bd8632b71dc491e52e6df87dc3e409d2b869 (development)