First published: Mon Aug 26 2019
wolfSSL 4.1.0 has a one-byte heap-based buffer over-read in DecodeCertExtensions in wolfcrypt/src/asn.c because reading the ASN_BOOLEAN byte is mishandled for a crafted DER certificate in GetLength_ex.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
WolfSSL wolfssl | =4.1.0 |
CVE-2019-15651 is a vulnerability in wolfSSL 4.1.0 that allows a one-byte heap-based buffer over-read in DecodeCertExtensions.
The severity of CVE-2019-15651 is critical with a severity value of 9.8.
CVE-2019-15651 affects wolfSSL 4.1.0 and allows for a one-byte heap-based buffer over-read in the DecodeCertExtensions function in wolfcrypt/src/asn.c.
To fix CVE-2019-15651, it is recommended to update wolfSSL to a version that is not affected by the vulnerability.
More information about CVE-2019-15651 can be found at the following URL: https://github.com/wolfSSL/wolfssl/issues/2421
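The bug class described above, a parser peeking at the optional BOOLEAN tag of a certificate extension without first checking that a byte remains, is shown here in hardened form as an added example. It is not wolfSSL's code: the function names, the short-form-length restriction and the sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

enum { TAG_BOOLEAN = 0x01, TAG_OCTETS = 0x04, TAG_OID = 0x06, PARSE_ERR = -1 };
/* Constructed samples: body of one Extension, after its SEQUENCE header. */
static const uint8_t EXT_CRITICAL[] = { 0x06,0x03,0x55,0x1D,0x13, 0x01,0x01,0xFF, 0x04,0x02,0x30,0x00 };
static const uint8_t EXT_DEFAULT[]  = { 0x06,0x03,0x55,0x1D,0x13, 0x04,0x02,0x30,0x00 };

/* Read a short-form DER length (< 128) without touching buf[end] or beyond. */
static int get_short_len(const uint8_t *buf, size_t *idx, size_t end)
{
    int len;
    if (*idx >= end || (buf[*idx] & 0x80)) return PARSE_ERR;
    len = buf[(*idx)++];
    return ((size_t)len <= end - *idx) ? len : PARSE_ERR;
}

/* Extension ::= SEQUENCE { extnID OID, critical BOOLEAN DEFAULT FALSE,
 *                          extnValue OCTET STRING }   (RFC 5280)
 * Returns the critical flag (0 or 1), or PARSE_ERR on malformed input. */
int parse_extension_body(const uint8_t *buf, size_t end)
{
    size_t idx = 0;
    int len, critical = 0;
    if (idx >= end || buf[idx++] != TAG_OID) return PARSE_ERR;
    if ((len = get_short_len(buf, &idx, end)) < 0) return PARSE_ERR;
    idx += (size_t)len;
    /* The OID may end exactly at `end`: bounds-check before peeking at the
     * optional BOOLEAN tag, or the peek reads one byte past the buffer. */
    if (idx >= end) return PARSE_ERR;
    if (buf[idx] == TAG_BOOLEAN) {
        idx++;
        if (get_short_len(buf, &idx, end) != 1) return PARSE_ERR;
        critical = buf[idx++] != 0;
    }
    if (idx >= end || buf[idx++] != TAG_OCTETS) return PARSE_ERR;
    if ((len = get_short_len(buf, &idx, end)) < 0) return PARSE_ERR;
    return (idx + (size_t)len == end) ? critical : PARSE_ERR;
}

int main(void)
{
    printf("critical=%d\n", parse_extension_body(EXT_CRITICAL, sizeof EXT_CRITICAL));
    printf("default=%d\n", parse_extension_body(EXT_DEFAULT, sizeof EXT_DEFAULT));
    /* Truncated right after the OID: must be rejected, not peeked past. */
    printf("truncated=%d\n", parse_extension_body(EXT_CRITICAL, 5));
    return 0;
}
```

Running a parser like this under AddressSanitizer with truncated inputs is a quick way to confirm that no length prefix or tag peek reads past the end of the allocation.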