2 matches found
UBUNTU-CVE-2026-5503
In TLSXEchChangeSNI, the ctx-extensions branch set extensions unconditionally even when TLSXFind returned NULL. This caused TLSXUseSNI to attach the attacker-controlled publicName to the shared WOLFSSLCTX when no inner SNI was configured. TLSXEchRestoreSNI then failed to clean it up because its...
CVE-2026-5503
CVE-2026-5503 affects wolfSSL’s TLSX_EchChangeSNI: the code path sets ctx->extensions unconditionally even when TLSX_Find returns NULL, causing an attacker-controlled publicName to be bound to the shared WOLFSSL_CTX when no inner SNI is configured. TLSX_EchRestoreSNI cannot clean it up because...