cnvd - cnvd-2024-37454

cnvd-2024-37454

Vulnerability from cnvd

Title: wolfSSL输入验证错误漏洞

Description:

wolfSSL（CyaSSL）是美国wolfSSL公司的一个针对嵌入式系统开发人员使用的小的、可移植的嵌入式SSL编程库。

WolfSSL 5.6.6之前版本存在输入验证错误漏洞，该漏洞源于未检查消息是否跨越密钥边界，攻击者可利用该漏洞将使用不同密钥的消息合并到一个记录中。

Severity: 中

Patch Name: wolfSSL输入验证错误漏洞的补丁

Patch Description:

wolfSSL（CyaSSL）是美国wolfSSL公司的一个针对嵌入式系统开发人员使用的小的、可移植的嵌入式SSL编程库。

WolfSSL 5.6.6之前版本存在输入验证错误漏洞，该漏洞源于未检查消息是否跨越密钥边界，攻击者可利用该漏洞将使用不同密钥的消息合并到一个记录中。目前，供应商发布了安全公告及相关补丁信息，修复了此漏洞。

Formal description:

厂商已发布了漏洞修复程序，请及时关注更新： https://www.wolfssl.com/docs/security-vulnerabilities/

Reference: https://github.com/wolfSSL/wolfssl/pull/7029

Impacted products

Name
wolfSSL Inc. WolfSSL <5.6.6

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2023-6937",
      "cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2023-6937"
    }
  },
  "description": "wolfSSL\uff08CyaSSL\uff09\u662f\u7f8e\u56fdwolfSSL\u516c\u53f8\u7684\u4e00\u4e2a\u9488\u5bf9\u5d4c\u5165\u5f0f\u7cfb\u7edf\u5f00\u53d1\u4eba\u5458\u4f7f\u7528\u7684\u5c0f\u7684\u3001\u53ef\u79fb\u690d\u7684\u5d4c\u5165\u5f0fSSL\u7f16\u7a0b\u5e93\u3002\n\nWolfSSL 5.6.6\u4e4b\u524d\u7248\u672c\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u672a\u68c0\u67e5\u6d88\u606f\u662f\u5426\u8de8\u8d8a\u5bc6\u94a5\u8fb9\u754c\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u4f7f\u7528\u4e0d\u540c\u5bc6\u94a5\u7684\u6d88\u606f\u5408\u5e76\u5230\u4e00\u4e2a\u8bb0\u5f55\u4e2d\u3002",
  "formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.wolfssl.com/docs/security-vulnerabilities/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2024-37454",
  "openTime": "2024-09-05",
  "patchDescription": "wolfSSL\uff08CyaSSL\uff09\u662f\u7f8e\u56fdwolfSSL\u516c\u53f8\u7684\u4e00\u4e2a\u9488\u5bf9\u5d4c\u5165\u5f0f\u7cfb\u7edf\u5f00\u53d1\u4eba\u5458\u4f7f\u7528\u7684\u5c0f\u7684\u3001\u53ef\u79fb\u690d\u7684\u5d4c\u5165\u5f0fSSL\u7f16\u7a0b\u5e93\u3002\r\n\r\nWolfSSL 5.6.6\u4e4b\u524d\u7248\u672c\u5b58\u5728\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u672a\u68c0\u67e5\u6d88\u606f\u662f\u5426\u8de8\u8d8a\u5bc6\u94a5\u8fb9\u754c\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5c06\u4f7f\u7528\u4e0d\u540c\u5bc6\u94a5\u7684\u6d88\u606f\u5408\u5e76\u5230\u4e00\u4e2a\u8bb0\u5f55\u4e2d\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "wolfSSL\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e\u7684\u8865\u4e01",
  "products": {
    "product": "wolfSSL Inc. WolfSSL \u003c5.6.6"
  },
  "referenceLink": "https://github.com/wolfSSL/wolfssl/pull/7029",
  "serverity": "\u4e2d",
  "submitTime": "2024-02-28",
  "title": "wolfSSL\u8f93\u5165\u9a8c\u8bc1\u9519\u8bef\u6f0f\u6d1e"
}

CVE-2023-6937 (GCVE-0-2023-6937)

Vulnerability from cvelistv5

Published

2024-02-15 17:21

Modified

2025-04-24 15:13

Severity ?

5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

CWE-20 - Improper Input Validation

Summary

wolfSSL prior to 5.6.6 did not check that messages in one (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating.

References

▼	URL	Tags
	https://github.com/wolfSSL/wolfssl/pull/7029	patch
	https://www.wolfssl.com/docs/security-vulnerabilities/	vendor-advisory

Impacted products

	Vendor	Product	Version
	wolfSSL	wolfSSL	Version: 0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:wolfssl:wolfssl:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "wolfssl",
            "vendor": "wolfssl",
            "versions": [
              {
                "lessThanOrEqual": "5.64",
                "status": "affected",
                "version": "0",
                "versionType": "custom"
              }
            ]
          }
        ],
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-6937",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-04-24T15:13:21.405337Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-04-24T15:13:34.315Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T08:42:08.518Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "patch",
              "x_transferred"
            ],
            "url": "https://github.com/wolfSSL/wolfssl/pull/7029"
          },
          {
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.wolfssl.com/docs/security-vulnerabilities/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "modules": [
            "(D)TLS"
          ],
          "product": "wolfSSL",
          "repo": "https://github.com/wolfSSL/wolfssl",
          "vendor": "wolfSSL",
          "versions": [
            {
              "lessThanOrEqual": "5.6.4",
              "status": "affected",
              "version": "0",
              "versionType": "release bundle"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "user": "00000000-0000-4000-9000-000000000000",
          "value": "Johannes Wilson from Sectra Communications and Link\u00f6ping University"
        }
      ],
      "datePublic": "2023-12-20T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "wolfSSL prior to 5.6.6 did not check that messages in one (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating."
            }
          ],
          "value": "wolfSSL prior to 5.6.6 did not check that messages in one (D)TLS record do not span key boundaries. As a result, it was possible to combine (D)TLS messages using different keys into one (D)TLS record. The most extreme edge case is that, in (D)TLS 1.3, it was possible that an unencrypted (D)TLS 1.3 record from the server containing first a ServerHello message and then the rest of the first server flight would be accepted by a wolfSSL client. In (D)TLS 1.3 the handshake is encrypted after the ServerHello but a wolfSSL client would accept an unencrypted flight from the server. This does not compromise key negotiation and authentication so it is assigned a low severity rating."
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-272",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-272 Protocol Manipulation"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.3,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-20",
              "description": "CWE-20 Improper Input Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-02-15T17:21:44.342Z",
        "orgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27",
        "shortName": "wolfSSL"
      },
      "references": [
        {
          "tags": [
            "patch"
          ],
          "url": "https://github.com/wolfSSL/wolfssl/pull/7029"
        },
        {
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.wolfssl.com/docs/security-vulnerabilities/"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eThe fix for this issue is located in the following GitHub Pull Request: \u003c/span\u003e\u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://github.com/wolfSSL/wolfssl/pull/7029\"\u003e\u003cspan style=\"background-color: transparent;\"\u003ehttps://github.com/wolfSSL/wolfssl/pull/7029\u003c/span\u003e\u003c/a\u003e\u003cspan style=\"background-color: transparent;\"\u003e.\u003c/span\u003e\u003c/p\u003e"
            }
          ],
          "value": "The fix for this issue is located in the following GitHub Pull Request:  https://github.com/wolfSSL/wolfssl/pull/7029 https://github.com/wolfSSL/wolfssl/pull/7029 .\n\n"
        }
      ],
      "source": {
        "discovery": "EXTERNAL"
      },
      "title": "Improper (D)TLS key boundary enforcement",
      "x_generator": {
        "engine": "Vulnogram 0.1.0-dev"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "50d2cd11-d01a-48ed-9441-5bfce9d63b27",
    "assignerShortName": "wolfSSL",
    "cveId": "CVE-2023-6937",
    "datePublished": "2024-02-15T17:21:44.342Z",
    "dateReserved": "2023-12-18T22:03:02.400Z",
    "dateUpdated": "2025-04-24T15:13:34.315Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted