PT-2022-24791 · Wolfssl+1

Max · Published 2022-09-28 · Updated 2025-05-20 · CVE-2022-39173

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Name of the Vulnerable Software and Affected Versions: wolfSSL versions prior to 5.5.1

Description: A malicious client can cause a buffer overflow in wolfSSL during a TLS 1.3 handshake, specifically when the client supposedly resumes a previous TLS session. The overflow is triggered when a Hello Retry Request is issued in response to the resumption Client Hello and both Client Hellos contain a list of duplicate cipher suites. Two Client Hellos are therefore required to trigger the buffer overflow: the one that attempts the resumed session and a second one sent in response to the Hello Retry Request message.

Recommendations: For versions prior to 5.5.1, update to version 5.5.1 or later to resolve the issue. As a temporary workaround, consider restricting the use of TLS 1.3 handshake resumption to minimize the risk of exploitation. Avoid using duplicate cipher suites in Client Hellos until the issue is resolved.

Exploit

Fix

Memory Corruption

Weakness Enumeration

Related Identifiers

ALT-PU-2022-2688
ALT-PU-2023-1034
CVE-2022-39173

Affected Products

Alt Linux
Wolfssl