Primary

Context

wolfSSL Packet Sniffer Integer Underflow Vulnerability in AEAD Decryption Path

Vulnerability

Patched

An integer underflow vulnerability has been identified in wolfSSL packet sniffer versions through 5.9.0. This vulnerability allows an attacker to cause a program crash during AEAD decryption by injecting a TLS record that is shorter than the explicit IV plus authentication tag into traffic being inspected by ssl_DecodePacket. The underflow wraps a 16-bit length to a large value, which is then passed to AEAD decryption routines, resulting in a large out-of-bounds read and subsequent crash. This vulnerability can be triggered remotely by an unauthenticated attacker via malformed TLS Application Data records.

Impact

Exploitation of this vulnerability leads to a program crash due to a large out-of-bounds read in the AEAD decryption process.

Remediation

Users can update to wolfSSL version 5.9.1 or later, where this vulnerability has been addressed.

Added: Apr 9, 2026, 10:49 PM

Updated: Apr 9, 2026, 10:49 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

3.1

exploitability

5.3

remediation

7.7

relevance

5.3

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

3.1

exploitability

5.3

remediation

7.7

relevance

5.3

threat

3.2

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

wolfSSL Packet Sniffer Integer Underflow Vulnerability in AEAD Decryption Path

Vulnerability

Impact

Remediation

Affected Products

wolfSSL

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating