4.2.0C

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

wolfssl

CWE-787

NVD

Published: 2019-11-09

Updated: 2019-11-12

Summary

In wolfSSL 4.1.0 through 4.2.0c, there are missing sanity checks of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a one-byte heap-based buffer overflow inside the DecodedCert structure in GetName in wolfcrypt/src/asn.c because the domain name location index is mishandled. Because a pointer is overwritten, there is an invalid free.

Vulnerable Configurations

Part	Description	Count
Application	Wolfssl Wolfssl Wolfssl 4.1.0 Wolfssl Wolfssl 4.2.0 Wolfssl Wolfssl 4.2.0C	3

Common Weakness Enumeration (CWE)

CWE-787 - Out-of-bounds Write

References

https://github.com/wolfSSL/wolfssl/issues/2555