Partnering with Google to Strengthen Open-Source Crypto: An Mbed TLS Security Audit
By Linh Le and Ngan Nguyen
We're excited to share the results of a deep-dive security audit into Mbed TLS version 3.6.2, conducted in close collaboration with Google.
Mbed TLS is a C library that implements cryptographic primitives, X.509 certificate manipulation and the SSL/TLS and DTLS protocols. Its small code footprint makes it suitable for embedded systems.
As part of its ongoing commitment to securing the Internet's foundational software, the Google Security Team commissioned Calif to proactively identify and fix potential vulnerabilities in this widely used open-source crypto library.
The assessment identified five vulnerabilities: one 'High' severity and four 'Medium' severity. All findings were disclosed to the Mbed TLS team in April 2025. We worked with the Mbed TLS developers to ensure all vulnerabilities were understood, prioritized, and patched effectively. We're pleased to report that all identified issues have been addressed.
Vulnerabilities Addressed
Here is a list of the key vulnerabilities found during the assessment, along with links to the official Mbed TLS advisories and their assigned CVE numbers.
(High) Misleading memory management in X.509 name parsing leading to arbitrary code execution
CVE-2025-47917 | Mbed TLS Advisory
(Medium) Unchecked return value in LMS verification allows signature bypass
(Medium) Null pointer dereference in parsing X.509 distinguished names leading to DoS
CVE-2025-48965 | Mbed TLS Advisory
(Medium) Out-of-bounds read in LMS public key import leading to DoS or information disclosure
(Medium) Integer underflow in decoding PEM keys leading to DoS
Take Action and Dig Deeper
Thanks to this proactive initiative, the Mbed TLS library is now more secure. We strongly urge all users to upgrade to version 3.6.4 or later.
This project is a powerful example of how targeted investment from companies like Google can directly improve the security of foundational software we all rely on.
For a complete technical breakdown of each vulnerability, you can access the full report on our GitHub: Read the Mbed TLS 3.6.2 Security Audit Report (PDF)
To help the community, the custom Wycheproof test drivers we developed are publicly available for download. We encourage you to integrate them into your own testing pipelines.