PT-2019-12534 · Wolfssl · Wolfssl

Published: 2019-05-23 · Updated: 2022-04-22 · CVE-2019-11873

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

wolfSSL version 4.0.0

Description

The issue arises from a buffer overflow in the DoPreSharedKeys function in tls13.c, specifically when the current identity size exceeds the client identity size. An attacker can exploit this by sending a crafted ClientHello packet to a TLSv1.3 wolfSSL server in which the length fields (record length, client hello length, total extensions length, PSK extension length, total identity length, and identity length) are set to their maximum value of 2^16. The identity data field of the PSK extension carries the attack data, which the server then stores in undefined memory, with a size of approximately 65 kB. This could potentially allow remote code execution.

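The length check that the description says was not enforced can be shown with a small parser for the identities list of a TLS 1.3 pre_shared_key extension. This is an added example, not wolfSSL's code or its patch; `psk_copy_identity`, `try_identity` and the 128-byte `ID_BUF_LEN` are assumptions made for illustration, and the sample input is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ID_BUF_LEN 128  /* assumed capacity of the server's identity buffer */
enum { PSK_OK = 0, PSK_TRUNCATED = -1, PSK_ID_TOO_LONG = -2, PSK_NOT_FOUND = -3 };
static size_t rd16(const uint8_t *p) { return ((size_t)p[0] << 8) | p[1]; }

/* Walk the identities list of a pre_shared_key extension body (RFC 8446,
 * section 4.2.11): uint16 list length, then per entry a uint16 identity length,
 * identity bytes, uint32 ticket age. Copies entry `want` (0-based) into out. */
int psk_copy_identity(const uint8_t *ext, size_t ext_len, unsigned want,
                      uint8_t out[ID_BUF_LEN + 1], size_t *out_len)
{
    size_t off = 2, end, id_len = 0;
    if (ext_len < 2) return PSK_TRUNCATED;
    end = off + rd16(ext);
    if (end > ext_len) return PSK_TRUNCATED;     /* declared list vs. bytes received */
    for (unsigned i = 0; off < end; i++, off += id_len + 4) {
        if (end - off < 2) return PSK_TRUNCATED;
        id_len = rd16(ext + off); off += 2;
        if (end - off < id_len + 4) return PSK_TRUNCATED;
        /* Attacker-chosen identity length must fit the fixed destination buffer. */
        if (id_len > ID_BUF_LEN) return PSK_ID_TOO_LONG;
        if (i != want) continue;
        memcpy(out, ext + off, id_len);
        out[id_len] = '\0';
        *out_len = id_len;
        return PSK_OK;
    }
    return PSK_NOT_FOUND;
}

/* Constructed sample: a list with one identity of id_len 'A' bytes; returns the parse result. */
int try_identity(size_t id_len)
{
    static uint8_t ext[70000], out[ID_BUF_LEN + 1];
    size_t list = 2 + id_len + 4, n = 0;
    ext[0] = (uint8_t)(list >> 8);   ext[1] = (uint8_t)list;
    ext[2] = (uint8_t)(id_len >> 8); ext[3] = (uint8_t)id_len;
    memset(ext + 4, 'A', id_len + 4);  /* identity, then 4 filler bytes for the ticket age */
    return psk_copy_identity(ext, 2 + list, 0, out, &n);
}

int main(void)
{
    printf("16-byte identity: %d\n", try_identity(16));
    printf("65000-byte identity: %d\n", try_identity(65000));
    return 0;
}
```
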
Recommendations

For wolfSSL version 4.0.0, as a temporary workaround, consider disabling the DoPreSharedKeys function in tls13.c until a patch is available. Restrict access to the TLSv1.3 protocol to minimize the risk of exploitation. Avoid using the PSK extension in the affected API endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Memory Corruption


Weakness Enumeration

Related Identifiers

CVE-2019-11873

Affected Products

Wolfssl