Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-11936

Опубликовано: 21 нояб. 2025
Источник: debian
EPSS Низкий

Описание

Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to excessive CPU and memory consumption during ClientHello processing.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
wolfsslfixed5.8.4-1package
wolfsslno-dsatrixiepackage
wolfsslno-dsabookwormpackage
wolfsslpostponedbullseyepackage

Примечания

  • https://github.com/wolfSSL/wolfssl/pull/9117

  • Fixed by: https://github.com/wolfSSL/wolfssl/commit/b1cdf0b214f0e9c0d34e29d16325cbe9a8deb87d (v5.8.4-stable)

EPSS

Процентиль: 7%
0.00027
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-11936

CVSS3: 5.3
ubuntu
3 месяца назад

Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to excessive CPU and memory consumption during ClientHello processing.

nvd логотип

CVE-2025-11936

CVSS3: 5.3
nvd
3 месяца назад

Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to excessive CPU and memory consumption during ClientHello processing.

msrc логотип

CVE-2025-11936

msrc
2 месяца назад

Potential DoS Vulnerability through Multiple KeyShareEntry with Same Group in TLS 1.3 ClientHello

github логотип

GHSA-2mmq-prpj-ww9q

CVSS3: 5.3
github
3 месяца назад

Improper input validation in the TLS 1.3 KeyShareEntry parsing in wolfSSL v5.8.2 on multiple platforms allows a remote unauthenticated attacker to cause a denial-of-service by sending a crafted ClientHello message containing duplicate KeyShareEntry values for the same supported group, leading to excessive CPU and memory consumption during ClientHello processing.

EPSS

Процентиль: 7%
0.00027
Низкий