Per Allansson

**Name of the Vulnerable Software and Affected Versions** wolfSSL (affected versions not specified) **Description** The OpenSSL compatibility layer implementation had an issue with the `RAND poll()` function, potentially leading to predictable values returned from `RAND bytes()` after a `fork()` call. This could result in weak or predictable random numbers in applications using `RAND bytes()` and performing `fork()` operations. The issue does not affect internal TLS operations. A code change was implemented to reseed the Hash-DRBG after detecting a new process, similar to OpenSSL’s behavior. **Recommendations** Update to the latest version of wolfSSL.

**Name of the Vulnerable Software and Affected Versions** WolfSSL (affected versions not specified) **Description** A malicious TLS1.2 server can force a TLS1.3 client with downgrade capability to use a ciphersuite that it did not agree to and achieve a successful connection. This is because, aside from the extensions, the client was skipping fully parsing the server hello. The issue is related to the implementation of the TLS protocol in the WolfSSL library, which is associated with access control deficiencies. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** OpenSSL versions 1.0.2 through 1.0.2a (excluding 1.0.2a) **Description** The issue is related to the dtls1 listen function in OpenSSL, which does not properly isolate state information of independent data streams. This can be exploited by a remote attacker to cause a denial of service via crafted DTLS traffic. The attacker can generate DTLS traffic to cause the application to crash due to incorrect pointer dereferences. **Recommendations** For OpenSSL versions 1.0.2 through 1.0.2a (excluding 1.0.2a), update to version 1.0.2a or later to resolve the issue. As a temporary workaround, consider restricting DTLS traffic to minimize the risk of exploitation.