6 lines
276 B
Plaintext
6 lines
276 B
Plaintext
Security
|
|
* In psa_cipher_generate_iv() and psa_cipher_encrypt(), do not read back
|
|
from the output buffer. This fixes a potential policy bypass or decryption
|
|
oracle vulnerability if the output buffer is in memory that is shared with
|
|
an untrusted application.
|