Vulnerabilities > CVE-2022-39173 - Out-of-bounds Write vulnerability in Wolfssl
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow during a TLS 1.3 handshake. This occurs when an attacker supposedly resumes a previous TLS session. During the resumption Client Hello a Hello Retry Request must be triggered. Both Client Hellos are required to contain a list of duplicate cipher suites to trigger the buffer overflow. In total, two Client Hellos have to be sent: one in the resumed session, and a second one as a response to a Hello Retry Request message.
Vulnerable Configurations
Common Weakness Enumeration (CWE)
References
- http://packetstormsecurity.com/files/169600/wolfSSL-Buffer-Overflow.html
- http://packetstormsecurity.com/files/169600/wolfSSL-Buffer-Overflow.html
- http://seclists.org/fulldisclosure/2022/Oct/24
- http://seclists.org/fulldisclosure/2022/Oct/24
- https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/
- https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/
- https://github.com/wolfSSL/wolfssl/releases
- https://github.com/wolfSSL/wolfssl/releases
- https://www.wolfssl.com/docs/security-vulnerabilities/
- https://www.wolfssl.com/docs/security-vulnerabilities/