Lucene search

[email protected]CVE-2022-39173

HistorySep 29, 2022 - 1:15 a.m.

CVE-2022-39173

2022-09-2901:15:11

CWE-787

[email protected]

web.nvd.nist.gov

cve-2022-39173

wolfssl

buffer overflow

tls 1.3

handshake

hello retry request

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.004 Low

EPSS

Percentile

74.3%

JSON

In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow during a TLS 1.3 handshake. This occurs when an attacker supposedly resumes a previous TLS session. During the resumption Client Hello a Hello Retry Request must be triggered. Both Client Hellos are required to contain a list of duplicate cipher suites to trigger the buffer overflow. In total, two Client Hellos have to be sent: one in the resumed session, and a second one as a response to a Hello Retry Request message.

Affected configurations

NVD

Node

wolfsslwolfsslRange<5.5.1

CPENameOperatorVersion
wolfssl:wolfsslwolfssllt5.5.1

CPE	Name	Operator	Version
wolfssl:wolfssl	wolfssl	lt	5.5.1

References

packetstormsecurity.com/files/169600/wolfSSL-Buffer-Overflow.html

seclists.org/fulldisclosure/2022/Oct/24

blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/

github.com/wolfSSL/wolfssl/releases

www.wolfssl.com/docs/security-vulnerabilities/

Social References

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

0.004 Low

EPSS

Percentile

74.3%

JSON

Related for CVE-2022-39173

prion1 packetstorm1 openwrt1 alpinelinux1 ubuntucve1 cvelist1 osv1 veracode1 nvd1 debiancve1