oss-sec mailing list archives

Re: Stack buffer overflow in WolfSSL before 3.13.0

From: Yves-Alexis Perez <corsac () debian org>
Date: Mon, 26 Mar 2018 09:55:05 +0200

On Sat, 2018-03-24 at 23:48 +0100, Hanno Böck wrote:

https://blog.fuzzing-project.org/63-Stack-buffer-overflow-in-WolfSSL-before-3.13.0.html

During some tests of TLS libraries I found a stack buffer overflow
vulnerability in the WolfSSL library. Finding this one was surprisingly
simple: I had a wolfssl server that was compiled with address sanitizer
and ran the SSL Labs test against it.


Hi,

was a CVE requested/assigned for this issue?

Regards,
-- 
Yves-Alexis

Attachment: signature.asc
Description: This is a digitally signed message part

Current thread:

Stack buffer overflow in WolfSSL before 3.13.0 Hanno Böck (Mar 24)
- Re: Stack buffer overflow in WolfSSL before 3.13.0 Yves-Alexis Perez (Mar 26)