6 matches found
Linux Distros Unpatched Vulnerability : CVE-2023-6937
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL prior to 5.6.6 did not check that messages in one DTLS record do not span key boundaries. As a result, it was possible to combine DTLS messages using...
Azure Linux 3.0 Security Update: mariadb (CVE-2023-6937)
The version of mariadb installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6937 advisory. - wolfSSL prior to 5.6.6 did not check that messages in one DTLS record do not span key boundaries. As a resul...
CBL Mariner 2.0 Security Update: mariadb (CVE-2023-6937)
The version of mariadb installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-6937 advisory. - wolfSSL prior to 5.6.6 did not check that messages in one DTLS record do not span key boundaries. As a resul...
CVE-2023-6937 Improper (D)TLS key boundary enforcement
wolfSSL prior to 5.6.6 did not check that messages in one DTLS record do not span key boundaries. As a result, it was possible to combine DTLS messages using different keys into one DTLS record. The most extreme edge case is that, in DTLS 1.3, it was possible that an unencrypted DTLS 1.3 record...
CVE-2023-6937 Improper (D)TLS key boundary enforcement
wolfSSL prior to 5.6.6 did not check that messages in one DTLS record do not span key boundaries. As a result, it was possible to combine DTLS messages using different keys into one DTLS record. The most extreme edge case is that, in DTLS 1.3, it was possible that an unencrypted DTLS 1.3 record...
CVE-2023-6937
Summary: CVE-2023-6937 affects wolfSSL prior to 5.6.6, where messages within a single (D)TLS record were not checked for crossing key boundaries. This allows combining messages encrypted under different keys into one record, with a notable edge case in (D)TLS 1.3 where an unencrypted server fligh...