CVE-2019-11873
published 2019-05-23

Priority P261 · critical 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 8.78% (94.5th percentile)
wolfSSL 4.0.0 has a buffer overflow in DoPreSharedKeys in tls13.c when the current identity size is greater than the client identity size. An attacker sends a crafted ClientHello over the network to a TLSv1.3 wolfSSL server. The packet's length fields (record length, ClientHello length, total extensions length, PSK extension length, total identities length, and identity length) are all set to the maximum a 16-bit field can hold, 65535 (0xFFFF, one less than 2^16). The identity field of the PSK extension carries the attack data, about 65 kB, which the server writes past the end of the memory it has reserved for the identity. Remote code execution may be possible.

Affected

6 ranges

Vendor    Product   Version range                    Fixed in
debian    wolfssl   < 4.1.0+dfsg-1 (bookworm)        4.1.0+dfsg-1 (bookworm)
wolfssl   wolfssl   (not listed)                     (not listed)
wolfssl   wolfssl   >= 0, < 4.1.0+dfsg-1             4.1.0+dfsg-1
wolfssl   wolfssl   >= 0, < 4.1.0+dfsg-1             4.1.0+dfsg-1
wolfssl   wolfssl   >= 0, < 4.1.0+dfsg-1             4.1.0+dfsg-1
wolfssl   wolfssl   >= 0, < 4.1.0+dfsg-1             4.1.0+dfsg-1

Note: the last four rows are identical on the source page and carry Debian's +dfsg version string; they correspond to the four other Debian suites (bullseye, forky, sid, trixie) named in the detection notes below, not to separate upstream ranges.

Detection & IOCs (extracted from sources)

path: tls13.c
  • Monitor inbound TLSv1.3 ClientHello messages whose PSK-related length fields (record length, ClientHello length, total extensions length, PSK extension length, total identities length, identity length) are at or near the 16-bit maximum, 65535 (0xFFFF).
  • Alert on an oversized (~65 kB) identity within the PSK extension of a TLSv1.3 ClientHello directed at a wolfSSL server; that identity field is the vector carrying the data that overflows the server's buffer. A ClientHello offering several resumption tickets as PSK identities can legitimately be large, so key on the per-identity length rather than on record size alone.
  • Target detection at wolfSSL servers running 4.0.0 (the affected ranges above list every version before 4.1.0); the vulnerable function is DoPreSharedKeys(), reached when the current identity size exceeds the client identity size during PSK negotiation.
  • The bug is only reachable when the wolfSSL server is configured for TLSv1.3 with PSK (pre-shared key) support. Servers not negotiating TLSv1.3, or not using PSK, are not affected.
  • Fixed in wolfSSL 4.1.0; Debian packages resolved in version 4.1.0+dfsg-1 across all tracked suites (bookworm, bullseye, forky, sid, trixie).
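As an added example (not wolfSSL's code and not taken from this page's sources), here is the parse-and-bounds-check pattern that both the description and the detection notes above turn on: a minimal parser for the identities list of a TLSv1.3 pre_shared_key extension that refuses to copy an identity longer than the fixed buffer it would land in, run against a constructed benign extension and a constructed one with the 0xFFFF length fields and ~65 kB identity the advisory describes. MAX_PSK_ID_LEN, the function names and the sample bytes are assumptions; the wire layout follows RFC 8446 section 4.2.11.

```c
/* Added example, not wolfSSL's code: bounds-checked parsing of the first
 * PskIdentity in a TLS 1.3 pre_shared_key extension (RFC 8446 s4.2.11).
 * MAX_PSK_ID_LEN, the function names and the sample bytes are assumptions. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_PSK_ID_LEN 128   /* assumed size of the server's fixed identity buffer */

enum { PSK_OK = 0, PSK_TRUNCATED = -1, PSK_ID_TOO_LONG = -2 };

static uint16_t rd16(const uint8_t *p)
{
    return (uint16_t)(((uint16_t)p[0] << 8) | p[1]);
}

/* Extension body layout:
 *   identities_len(2) | identity_len(2) | identity[identity_len] | obfuscated_ticket_age(4) | ...
 * Copies the first identity into out (NUL-terminated) only when it fits.
 * *id_len always receives the attacker-controlled identity_len field, so a
 * caller can log it even when the parse is rejected. */
int parse_first_psk_identity(const uint8_t *ext, size_t ext_len,
                             char out[MAX_PSK_ID_LEN + 1], uint16_t *id_len)
{
    if (ext_len < 4)
        return PSK_TRUNCATED;
    uint16_t ids_len = rd16(ext);
    uint16_t len = rd16(ext + 2);
    *id_len = len;

    /* The check that matters: identity_len is a 16-bit field from the wire,
     * so it can be up to 65535. Copying it into a 128-byte buffer without this
     * test (an unconditional memcpy(out, ext + 4, len)) is the overflow
     * pattern described for DoPreSharedKeys. */
    if (len > MAX_PSK_ID_LEN)
        return PSK_ID_TOO_LONG;

    /* Then make sure the bytes are actually present before touching them. */
    if (ids_len < (uint16_t)(2 + len) || ext_len < 4u + len)
        return PSK_TRUNCATED;

    memcpy(out, ext + 4, len);
    out[len] = '\0';
    return PSK_OK;
}

/* Build an extension body with arbitrary length fields (constructed data,
 * used to produce both a benign and a crafted sample). Returns bytes written. */
size_t build_psk_ext(uint8_t *buf, size_t cap, uint16_t ids_len_field,
                     uint16_t id_len_field, const uint8_t *id, size_t id_bytes)
{
    if (cap < 4 + id_bytes)
        return 0;
    buf[0] = (uint8_t)(ids_len_field >> 8);
    buf[1] = (uint8_t)(ids_len_field & 0xff);
    buf[2] = (uint8_t)(id_len_field >> 8);
    buf[3] = (uint8_t)(id_len_field & 0xff);
    memcpy(buf + 4, id, id_bytes);
    return 4 + id_bytes;
}

/* crafted == 0: an 11-byte identity with consistent length fields.
 * crafted != 0: every length field at 0xFFFF and ~65 kB of 'A', the shape
 * the advisory describes. Returns the parser's verdict. */
int demo_parse(int crafted, char out[MAX_PSK_ID_LEN + 1], uint16_t *id_len)
{
    static uint8_t ext[4 + 0xFFFF];
    static uint8_t payload[0xFFFF];
    size_t n;

    if (!crafted) {
        const char *id = "client-id-1";              /* 11 bytes, constructed */
        n = build_psk_ext(ext, sizeof ext, (uint16_t)(2 + 11 + 4), 11,
                          (const uint8_t *)id, 11);
    } else {
        memset(payload, 'A', sizeof payload);
        n = build_psk_ext(ext, sizeof ext, 0xFFFF, 0xFFFF, payload, sizeof payload);
    }
    return parse_first_psk_identity(ext, n, out, id_len);
}

int main(void)
{
    char out[MAX_PSK_ID_LEN + 1];
    uint16_t len = 0;
    int r = demo_parse(0, out, &len);
    printf("benign : rc=%d identity_len=%u identity=%s\n", r, len, r == PSK_OK ? out : "");
    r = demo_parse(1, out, &len);
    printf("crafted: rc=%d identity_len=%u (rejected; would overflow a %d-byte buffer)\n",
           r, len, MAX_PSK_ID_LEN);
    return 0;
}
```

The order of the two checks is deliberate: the destination-size test comes before any read of the identity bytes, so a hostile length can neither overflow the copy nor drive an out-of-bounds read. A network-side detector keys on the same identity_len field the parser reports; it is a sharper signal than total record size, which multiple legitimate ticket identities can also inflate.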

CVSS provenance

Source          Version  Score  Severity  Vector
nvd             v3.1     9.8    CRITICAL  CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvd             v2.0     7.5    HIGH      AV:N/AC:L/Au:N/C:P/I:P/A:P
osv                      9.8    CRITICAL
vendor_debian            9.8    CRITICAL