Описание
RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size.
RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-36177
- https://github.com/wolfSSL/wolfssl/pull/3426
- https://github.com/wolfSSL/wolfssl/commit/63bf5dc56ccbfc12a73b06327361687091a4c6f7
- https://github.com/wolfSSL/wolfssl/commit/fb2288c46dd4c864b78f00a47a364b96a09a5c0f
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=26567
- https://github.com/wolfSSL/wolfssl/releases/tag/v4.6.0-stable
Связанные уязвимости
CVSS3: 9.8
ubuntu
около 5 лет назад
RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size.
CVSS3: 9.8
nvd
около 5 лет назад
RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size.
CVSS3: 9.8
debian
около 5 лет назад
RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-o ...