CVE-2023-6937 — Improper Input Validation in Wolfssl

CWE-20 — Improper Input Validation5 documents5 sources

Severity

5.3MEDIUMNVD

EPSS

0.4%

top 36.72%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wolfssl Debian Wolfssl Msrc Azl3 Mariadb 10.11.6-3 ON Azure Linux 3.0 +4 more

Timeline

PublishedFeb 15

Description

wolfSSL prior to 5.6.6 did not check that messages in one (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the Serv…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages9 packages

▶debiandebian/wolfssl< wolfssl 5.6.6-1.2 (forky)

▶NVDwolfssl/wolfssl< 5.6.6

▶Debianwolfssl/wolfssl< 5.6.6-1.2+1

▶CVEListV5wolfssl/wolfssl5.6.4

▶msrcmsrc/azure_linux_3.0_arm

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-ff3x-q8pg-rh37: wolfSSL prior to 5↗2024-02-15

▶

OSV

CVE-2023-6937: wolfSSL prior to 5↗2024-02-15

▶

📋Vendor Advisories

Microsoft

Improper (D)TLS key boundary enforcement↗2024-02-13

▶

Debian

CVE-2023-6937: wolfssl - wolfSSL prior to 5.6.6 did not check that messages in one (D)TLS record do not s...↗2023

▶