VulnerabilityDescription
A buffer overflow could occur wherein an attacker could via a network connection overwrite the data in RAM of a server running MatrixSSL (TLS Toolkit).Using a specially crafted packet it is possible to fool the TLS1.3 ‘change cipher spec’ processing to cause an integer overflow. The problem exists in the implementation of the matrixSslDecodeTls13() function in all MatrixSSL (TLS Toolkit) versions that support TLS1.3.
Impact
This vulnerability has been demonstrated to be usable for a denial-of-service attack. Additionally it might be possible for an attacker to exploit this vulnerability to install and execute malicious code.
Patches
Fixed version can be found in MatrixSSL 4.6.0
Workarounds
Disable TLS1.3 support.
Credits
The vulnerability was discovered by Robert Hörr and Alissar Ibrahim, Security Evaluators of the Telekom Security Evaluation Facility
VulnerabilityDescription
A buffer overflow could occur wherein an attacker could via a network connection overwrite the data in RAM of a server running MatrixSSL (TLS Toolkit).Using a specially crafted packet it is possible to fool the TLS1.3 ‘change cipher spec’ processing to cause an integer overflow. The problem exists in the implementation of the matrixSslDecodeTls13() function in all MatrixSSL (TLS Toolkit) versions that support TLS1.3.
Impact
This vulnerability has been demonstrated to be usable for a denial-of-service attack. Additionally it might be possible for an attacker to exploit this vulnerability to install and execute malicious code.
Patches
Fixed version can be found in MatrixSSL 4.6.0
Workarounds
Disable TLS1.3 support.
Credits
The vulnerability was discovered by Robert Hörr and Alissar Ibrahim, Security Evaluators of the Telekom Security Evaluation Facility