Описание
An issue was discovered in wolfSSL before 4.5.0. It mishandles the change_cipher_spec (CCS) message processing logic for TLS 1.3. If an attacker sends ChangeCipherSpec messages in a crafted way involving more than one in a row, the server becomes stuck in the ProcessReply() loop, i.e., a denial of service.
| Релиз | Статус | Примечание |
|---|---|---|
| bionic | ignored | end of standard support, was needed |
| devel | not-affected | 4.5.0+dfsg-2 |
| esm-apps/bionic | needed | |
| esm-apps/focal | needed | |
| esm-apps/jammy | not-affected | 4.5.0+dfsg-2 |
| esm-apps/noble | not-affected | 4.5.0+dfsg-2 |
| esm-apps/xenial | needed | |
| esm-infra-legacy/trusty | DNE | |
| focal | ignored | end of standard support, was needed |
| groovy | not-affected | 4.5.0+dfsg-2 |
Показывать по
5 Medium
CVSS2
7.5 High
CVSS3
Связанные уязвимости
An issue was discovered in wolfSSL before 4.5.0. It mishandles the change_cipher_spec (CCS) message processing logic for TLS 1.3. If an attacker sends ChangeCipherSpec messages in a crafted way involving more than one in a row, the server becomes stuck in the ProcessReply() loop, i.e., a denial of service.
An issue was discovered in wolfSSL before 4.5.0. It mishandles the cha ...
An issue was discovered in wolfSSL before 4.5.0. It mishandles the change_cipher_spec (CCS) message processing logic for TLS 1.3. If an attacker sends ChangeCipherSpec messages in a crafted way involving more than one in a row, the server becomes stuck in the ProcessReply() loop, i.e., a denial of service.
5 Medium
CVSS2
7.5 High
CVSS3