Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2022-39173

In wolfSSL before 5.5.1, malicious clients can cause a buffer overflow during a TLS 1.3 handshake. This occurs when an attacker supposedly resumes a previous TLS session. During the resumption Client Hello a Hello Retry Request must be triggered. Both Client Hellos are required to contain a list of duplicate cipher suites to trigger the buffer overflow. In total, two Client Hellos have to be sent: one in the resumed session, and a second one as a response to a Hello Retry Request message.

Published

2022-09-29T01:15:11.373

Last Modified

2025-05-20T20:15:23.307

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.5 (HIGH)

Weaknesses

Type: Primary
CWE-787
Type: Secondary
CWE-787

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	wolfssl	wolfssl	< 5.5.1	Yes

References

http://packetstormsecurity.com/files/169600/wolfSSL-Buffer-Overflow.html Exploit, Third Party Advisory, VDB Entry ([email protected])
http://seclists.org/fulldisclosure/2022/Oct/24 Mailing List, Third Party Advisory ([email protected])
https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/ ([email protected])
https://github.com/wolfSSL/wolfssl/releases Release Notes, Third Party Advisory ([email protected])
https://www.wolfssl.com/docs/security-vulnerabilities/ Vendor Advisory ([email protected])
http://packetstormsecurity.com/files/169600/wolfSSL-Buffer-Overflow.html Exploit, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2022/Oct/24 Mailing List, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/ (af854a3a-2127-422b-91ae-364da2661108)
https://github.com/wolfSSL/wolfssl/releases Release Notes, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://www.wolfssl.com/docs/security-vulnerabilities/ Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)