CVE-2023-3724 TLS 1.3 client issue handling malicious server when not including a KSE and PSK extension
If a TLS 1.3 client receives neither a PSK (pre-shared key) extension nor a KSE (key share) extension when connecting to a malicious server, a default, predictable buffer is used as the IKM (input keying material) value when generating the session master secret. Using a potentially known IKM value when...
CVE-2023-3724
This CVE (CVE-2023-3724) describes a TLS 1.3 client-side issue where, if a server is malicious and the client sends neither a PSK nor a KSE, a default, potentially known, IKM buffer is used to generate the session master secret. The root cause is a mishandled IKM when PSK/KSE are absent, which ca...
wolfSSL Trust Management Issue Vulnerability
wolfSSL (formerly CyaSSL) is a small, portable embedded SSL/TLS library for embedded systems developers from WolfSSL, Inc. in the United States. A security vulnerability exists in WolfSSL versions prior to 5.6.2 that stems from a security issue with TLS 1.3 sessions that allows an eavesdropper to...
PT-2023-25848 · Wolfssl · Wolfssl
Name of the Vulnerable Software and Affected Versions: wolfSSL, affected versions not specified. Description: When a TLS 1.3 client connects to a malicious server without receiving a PSK (pre-shared key) extension or a KSE (key share) extension, it uses a default predictable buffer for the IKM (Input...
PT-2023-35804 · Wolfssl · Wolfssl
Name of the Vulnerable Software and Affected Versions: wolfSSL, affected versions not specified. Description: The issue is related to a heap double-free crash. Technical details about the crash include the wolfCrypt custom free and wolfSSL_Free functions, as well as the FreeOcspRequest function...
Siemens SCALANCE W1750D Cryptographic Issues (CVE-2017-13099)
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as ROBOT. This plugin only works with Tenable.ot...
K15622: wolfSSL CyaSSL vulnerability CVE-2013-1623
Security Advisory Description: The TLS and DTLS implementations in wolfSSL (CyaSSL) before 2.5.0 do not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks...
SUSE CVE-2013-1623
The TLS and DTLS implementations in wolfSSL (CyaSSL) before 2.5.0 do not properly consider timing side-channel attacks on a noncompliant MAC check operation during the processing of malformed CBC padding, which allows remote attackers to conduct distinguishing attacks and plaintext-recovery attacks...
SUSE CVE-2016-7440
The C software implementation of AES encryption and decryption in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover AES keys by leveraging cache-bank timing differences...
SUSE CVE-2017-13099
wolfSSL prior to version 3.12.2 provides a weak Bleichenbacher oracle when any TLS cipher suite using RSA key exchange is negotiated. An attacker can recover the private key from a vulnerable wolfSSL application. This vulnerability is referred to as "ROBOT."...
wolfSSL 5.5.2 WOLFSSL_CALLBACKS Heap Buffer Over-Read Vulnerability
wolfSSL before 5.5.2: Heap-buffer over-read with WOLFSSL_CALLBACKS. INFO: The CVE project has assigned the id CVE-2022-42905 to this issue. Severity: 9.1 CRITICAL. Affected version: before 5.5.2. End of embargo: Ended October...
wolfSSL 5.3.0 Denial Of Service Vulnerability
In wolfSSL version 5.3.0, man-in-the-middle attackers or a malicious server can crash TLS 1.2 clients during a handshake. If an attacker injects a large ticket above 256 bytes into a NewSessionTicket message in a TLS 1.2 handshake, and the client has a non-empty session cache, the session cache...
wolfSSL 5.5.0 Session Resumption Denial Of Service Vulnerability
wolfSSL versions prior to 5.5.0 suffer from a denial of service condition related to session resumption. When a TLS 1.3 client connects to a wolfSSL server and SSL_clear is called on its session, the server crashes with a segmentation fault. The bug occurs after a client performs a handshake again...
PT-2023-35640 · Wolfssl · Wolfssl
Name of the Vulnerable Software and Affected Versions: wolfSSL, affected versions not specified. Description: The issue is related to a heap buffer overflow error. Technical details about the error include a crash type of Heap-buffer-overflow WRITE 16. The crash state involves the wc_AesCbcEncrypt...
The vulnerability of the SSL/TLS WolfSSL library lies in its ability to read data beyond the buffer boundaries in memory. This allows attackers to gain unauthorized access to protected information or cause service failures.
The vulnerability of the SSL/TLS library WolfSSL is related to the ability to read data beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain unauthorized access to protected information or cause service failures through the...
MariaDB 5.5.0 < 5.5.53 Multiple Vulnerabilities
The version of MariaDB installed on the remote host is prior to 5.5.53. It is, therefore, affected by multiple vulnerabilities as referenced in the 5.5.53 advisory. - Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Client mysqldump. Supported versions that are affected a...
Buffer Over Read
wolfSSL is vulnerable to buffer over-reads. The vulnerability exists if callback functions are enabled via the WOLFSSL_CALLBACKS flag, which allows an attacker to trigger a 5-byte buffer over-read on the heap...
Heap-based Buffer Overflow
Overview: Affected versions of this package are vulnerable to Heap-based Buffer Overflow if callback functions are enabled via the WOLFSSL_CALLBACKS flag. A malicious TLS 1.3 client or network attacker can trigger a 5-byte buffer over-read on the heap. Note: WOLFSSL_CALLBACKS is only intended fo...