CVE-2016-6890

Name of the Vulnerable Software and Affected Versions MatrixSSL versions prior to 3.8.6

Description The issue is caused by a heap-based buffer overflow in the dynamic memory of MatrixSSL. This can be exploited by a remote attacker to execute arbitrary code using a specially crafted X.509 certificate with a Subject Alt Name.

Recommendations For versions prior to 3.8.6, update to version 3.8.6 or later to resolve the issue. As a temporary workaround, consider restricting the use of X.509 certificates with specially crafted Subject Alt Name fields until the update is applied.