ubuntucve | Ubuntu.com | UB:CVE-2019-11873
History: May 23, 2019 - 12:00 a.m.

CVE-2019-11873


CVSS2: 7.5 High
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Authentication: NONE
  Confidentiality Impact: PARTIAL
  Integrity Impact: PARTIAL
  Availability Impact: PARTIAL
  Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS3: 9.8 High
  Attack Vector: NETWORK
  Attack Complexity: LOW
  Privileges Required: NONE
  User Interaction: NONE
  Scope: UNCHANGED
  Confidentiality Impact: HIGH
  Integrity Impact: HIGH
  Availability Impact: HIGH
  Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS: 0.098 Low
  Percentile: 94.9%

wolfSSL 4.0.0 has a buffer overflow in DoPreSharedKeys in tls13.c when a
current identity size is greater than a client identity size. An attacker
sends a crafted ClientHello packet over the network to a TLSv1.3 wolfSSL
server. The packet's length fields (record length, ClientHello length,
total extensions length, PSK extension length, total identity length, and
identity length) contain their maximum value, which is 2^16. The identity
data field of the packet's PSK extension contains the attack data, to be
stored in the undefined memory (RAM) of the server. The size of the data is
about 65 kB. The attacker can possibly perform a remote code execution
attack.
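
The following C example, added here and not taken from wolfSSL or from the advisory, shows the length validation a TLS 1.3 server needs before copying a PSK identity into a fixed-size buffer. The buffer size ID_BUF_LEN and the function names are assumptions; the wire layout follows the pre_shared_key extension in RFC 8446.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ID_BUF_LEN 128  /* assumed capacity of the server's identity buffer */
static size_t rd16(const uint8_t *p) { return ((size_t)p[0] << 8) | p[1]; }

/* Walk the identities list of a pre_shared_key extension (RFC 8446, 4.2.11):
 *   uint16 list_len; then repeated { uint16 id_len; id[id_len]; uint32 age }.
 * Copies the first identity into out (ID_BUF_LEN bytes) and returns its
 * length, or -1 if a length field is inconsistent or exceeds the buffer. */
int parse_first_psk_identity(const uint8_t *ext, size_t ext_len, uint8_t *out) {
    size_t off = 2, end, id_len;
    int first_len = -1;
    if (ext_len < 2) return -1;
    end = 2 + rd16(ext);
    if (end > ext_len) return -1;              /* list overruns the extension */
    while (off < end) {
        if (end - off < 2) return -1;          /* no room for id_len */
        id_len = rd16(ext + off);
        off += 2;
        if (id_len == 0 || end - off < id_len + 4) return -1; /* id + age */
        if (id_len > ID_BUF_LEN) return -1;    /* would overflow out[] */
        if (first_len < 0) {
            memcpy(out, ext + off, id_len);
            first_len = (int)id_len;
        }
        off += id_len + 4;
    }
    return first_len;
}

/* Constructed input: one identity whose length field says `claimed` while
 * `actual` bytes (at most 1000) are present; returns the parser's verdict. */
int demo(uint16_t claimed, uint16_t actual) {
    static uint8_t ext[1024];
    uint8_t out[ID_BUF_LEN];
    uint16_t total = (uint16_t)(actual + 6);
    ext[0] = (uint8_t)(total >> 8);   ext[1] = (uint8_t)total;
    ext[2] = (uint8_t)(claimed >> 8); ext[3] = (uint8_t)claimed;
    memset(ext + 4, 'A', actual);
    memset(ext + 4 + actual, 0, 4);            /* obfuscated_ticket_age */
    return parse_first_psk_identity(ext, (size_t)actual + 8, out);
}

int main(void) {
    printf("%d %d %d\n", demo(16, 16), demo(300, 300), demo(0xFFFF, 16));
    return 0;
}
```

Both checks matter: the length field must agree with the bytes actually received, and it must also fit the destination buffer, since a field can be self-consistent and still larger than the server's storage.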

OS      Version  Architecture  Package  Version  Filename
ubuntu  18.04    noarch        wolfssl  < any    UNKNOWN
ubuntu  16.04    noarch        wolfssl  < any    UNKNOWN
