CVE-2022-42905
wolfSSL WOLFSSL_CALLBACKS Heap Buffer Over-Read
Severity Score
9.1
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
In wolfSSL before 5.5.2, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), then a malicious TLS 1.3 client or network attacker can trigger a buffer over-read on the heap of 5 bytes. (WOLFSSL_CALLBACKS is only intended for debugging.)
En wolfSSL anterior a 5.5.2, si las funciones callback están habilitadas (a través del indicador WOLFSSL_CALLBACKS), entonces un cliente TLS 1.3 malicioso o un atacante de red puede desencadenar una sobrelectura del búfer de memoria de 5 bytes. (WOLFSSL_CALLBACKS solo está destinado a la depuración).
wolfSSL versions prior to 5.5.2 suffer from a heap buffer over-read with WOLFSSL_CALLBACKS and can be triggered with a single Client Hello message.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2022-10-13 CVE Reserved
- 2022-11-06 CVE Published
- 2023-01-20 First Exploit
- 2024-08-03 CVE Updated
- 2025-04-03 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-125: Out-of-bounds Read
CAPEC
References (7)
| URL | Date | SRC |
|---|---|---|
| https://packetstorm.news/files/id/170610 | 2023-01-20 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.wolfssl.com/docs/security-vulnerabilities | 2023-02-15 |