PT-2019-15694 · Wolfssl · Wolfssl

Jakub Botwicz · Published 2019-11-09 · Updated 2019-11-12 · CVE-2019-18840

CVSS v3.1: 7.5 High

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

wolfSSL versions 4.1.0 through 4.2.0c

Description

The issue arises from missing sanity checks of memory accesses in parsing ASN.1 certificate data during handshaking. Specifically, a one-byte heap-based buffer overflow occurs inside the DecodedCert structure in the GetName function in wolfcrypt/src/asn.c. This happens because the domain name location index is mishandled, leading to a pointer being overwritten and resulting in an invalid free.

Recommendations

For wolfSSL versions 4.1.0 through 4.2.0c, consider updating to a version that includes the necessary sanity checks for memory accesses in parsing ASN.1 certificate data to prevent the heap-based buffer overflow. As a temporary workaround, consider restricting the use of the GetName function in wolfcrypt/src/asn.c until a patch is available.

Exploit

Fix

Memory Corruption

Weakness Enumeration

Related Identifiers: CVE-2019-18840

Affected Products: Wolfssl