CVE-2019-16748

Name of the Vulnerable Software and Affected Versions wolfSSL versions prior to 4.1.0

Description The issue is related to a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking, resulting in a one-byte heap-based buffer over-read. This occurs in the CheckCertSignature ex function in wolfcrypt/src/asn.c.

Recommendations For versions prior to 4.1.0, update to version 4.1.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the CheckCertSignature ex function in wolfcrypt/src/asn.c until a patch is available.