In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. (WOLFSSL_CALLBACKS is only intended for debugging.)
References
Link | Resource |
---|---|
http://packetstormsecurity.com/files/170610/wolfSSL-WOLFSSL_CALLBACKS-Heap-Buffer-Over-Read.html | Third Party Advisory |
http://seclists.org/fulldisclosure/2023/Jan/11 | Mailing List Third Party Advisory |
https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/ | |
https://github.com/wolfSSL/wolfssl/releases | Release Notes Third Party Advisory |
https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.2-stable | Release Notes Third Party Advisory |
https://www.wolfssl.com/docs/security-vulnerabilities/ | Vendor Advisory |
Configurations
History
15 Feb 2023, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
09 Feb 2023, 01:55
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/wolfSSL/wolfssl/releases - Release Notes, Third Party Advisory | |
References | (MISC) http://packetstormsecurity.com/files/170610/wolfSSL-WOLFSSL_CALLBACKS-Heap-Buffer-Over-Read.html - Third Party Advisory | |
References | (MISC) https://github.com/wolfSSL/wolfssl/releases/tag/v5.5.2-stable - Release Notes, Third Party Advisory | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2023/Jan/11 - Mailing List, Third Party Advisory |
20 Jan 2023, 19:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
20 Jan 2023, 05:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
23 Nov 2022, 18:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
08 Nov 2022, 17:13
Type | Values Removed | Values Added |
---|---|---|
CPE | cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:* | |
References | (MISC) https://github.com/wolfSSL/wolfssl/releases - Third Party Advisory | |
References | (MISC) https://www.wolfssl.com/docs/security-vulnerabilities/ - Vendor Advisory | |
First Time |
Wolfssl
Wolfssl wolfssl |
|
CWE | CWE-125 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.1 |
07 Nov 2022, 00:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-11-07 00:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-42905
Mitre link : CVE-2022-42905
CVE.ORG link : CVE-2022-42905
JSON object : View
Products Affected
wolfssl
- wolfssl
CWE
CWE-125
Out-of-bounds Read