Bugs fixes in "wolfssl"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2026-5778 | Integer underflow in wolfSSL packet sniffer <= 5.9.0 allows an attacker to cause a program crash in the AEAD decryption path by injecting a TLS recor | 2026-04-23 |
| CVE | CVE-2026-5772 | A 1-byte stack buffer over-read was identified in the MatchDomainName function (src/internal.c) during wildcard hostname validation when the LEFT_MOS | 2026-04-23 |
| CVE | CVE-2026-5507 | When restoring a session from cache, a pointer from the serialized session data is used in a free operation without validation. An attacker who can p | 2026-04-23 |
| CVE | CVE-2026-5504 | A padding oracle exists in wolfSSL's PKCS7 CBC decryption that could allow an attacker to recover plaintext through repeated decryption queries with | 2026-04-23 |
| CVE | CVE-2026-5503 | In TLSX_EchChangeSNI, the ctx->extensions branch set extensions unconditionally even when TLSX_Find returned NULL. This caused TLSX_UseSNI to attach | 2026-04-23 |
| CVE | CVE-2026-5501 | wolfSSL_X509_verify_cert in the OpenSSL compatibility layer accepts a certificate chain in which the leaf's signature is not checked, if the attacker | 2026-04-23 |
| CVE | CVE-2026-5500 | wolfSSL's wc_PKCS7_DecodeAuthEnvelopedData() does not properly sanitize the AES-GCM authentication tag length received and has no lower bounds check. | 2026-04-23 |
| CVE | CVE-2026-5479 | In wolfSSL's EVP layer, the ChaCha20-Poly1305 AEAD decryption path in wolfSSL_EVP_CipherFinal (and related EVP cipher finalization functions) fails t | 2026-04-23 |
| CVE | CVE-2026-5477 | An integer overflow existed in the wolfCrypt CMAC implementation, that could be exploited to forge CMAC tags. The function wc_CmacUpdate used theĀ gua | 2026-04-23 |
| CVE | CVE-2026-5466 | wolfSSL's ECCSI signature verifier `wc_VerifyEccsiHash` decodes the `r` and `s` scalars from the signature blob via `mp_read_unsigned_bin` with no ch | 2026-04-23 |
| CVE | CVE-2026-5460 | A heap use-after-free exists in wolfSSL's TLS 1.3 post-quantum cryptography (PQC) hybrid KeyShare processing. In the error handling path of TLSX_KeyS | 2026-04-23 |
| CVE | CVE-2026-5448 | X.509 date buffer overflow in wolfSSL_X509_notAfter / wolfSSL_X509_notBefore. A buffer overflow may occur when parsing date fields from a crafted X.5 | 2026-04-23 |
| CVE | CVE-2026-5447 | Heap buffer overflow in CertFromX509 via AuthorityKeyIdentifier size confusion. A heap buffer overflow occurs when converting an X.509 certificate in | 2026-04-23 |
| CVE | CVE-2026-5446 | In wolfSSL, ARIA-GCM cipher suites used in TLS 1.2 and DTLS 1.2 reuse an identical 12-byte GCM nonce for every application-data record. Because wc_Ar | 2026-04-23 |
| CVE | CVE-2026-5393 | Dual-Algorithm CertificateVerify out-of-bounds read. When processing a dual-algorithm CertificateVerify message, an out-of-bounds read can occur on c | 2026-04-23 |
| CVE | CVE-2026-5392 | Heap out-of-bounds read in PKCS7 parsing. A crafted PKCS7 message can trigger an OOB read on the heap. The missing bounds check is in the indefinite- | 2026-04-23 |
| CVE | CVE-2026-5295 | A stack buffer overflow exists in wolfSSL's PKCS7 implementation in the wc_PKCS7_DecryptOri() function in wolfcrypt/src/pkcs7.c. When processing a CM | 2026-04-23 |
| CVE | CVE-2026-5264 | Heap buffer overflow in DTLS 1.3 ACK message processing. A remote attacker can send a crafted DTLS 1.3 ACK message that triggers a heap buffer overfl | 2026-04-23 |
| CVE | CVE-2026-5263 | URI nameConstraints from constrained intermediate CAs are parsed but not enforced during certificate chain verification in wolfcrypt/src/asn.c. A com | 2026-04-23 |
| CVE | CVE-2026-5194 | Missing hash/digest size and OID checks allow digests smaller than allowed when verifying ECDSA certificates, or smaller than is appropriate for the | 2026-04-23 |
About
-
Send Feedback to @ubuntu_updates
