Description
An integer overflow vulnerability existed in the static function wolfssl_add_to_chain that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssl_add_to_chain is called by these APIs: wolfSSL_CTX_add_extra_chain_cert, wolfSSL_CTX_add1_chain_cert, wolfSSL_add0_chain_cert. These APIs are enabled by the third-party compatibility build options enable-opensslall, enable-opensslextra, enable-lighty, enable-stunnel, enable-nginx and enable-haproxy. This issue is not remotely exploitable and would require that the application context that loads certificates be compromised.
Published: 2026-03-19
Score: 1.2 Low
EPSS: < 1% Very Low
KEV: No
Impact: Heap corruption during certificate chain allocation
Action: Assess
AI Analysis

Impact

An integer overflow in the static function wolfssl_add_to_chain causes heap corruption when certificate data is written beyond the bounds of an insufficiently sized buffer. This flaw occurs during certificate chain processing and can lead to application crashes or unpredictable behavior. The vulnerability is confined to the certificate loading context and is not remotely exploitable.
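As an added illustration of the bug class named above (this is not wolfSSL's code and not the actual wolfssl_add_to_chain logic, whose details the advisory does not give), the C sketch below places an unchecked size computation beside a hardened one. The unchecked variant adds the current chain length, a length prefix and the certificate length in a fixed-width type, so a large operand wraps the sum and any allocation of that size is too small for the copy that follows. The hardened variant refuses lengths the framing cannot represent and checks the addition against SIZE_MAX before allocating or touching the input. The chain framing (a 3-byte big-endian DER length per certificate), the chain_t type and every function name are assumptions made for this example; the 5-byte DER stub is constructed and is not a real certificate.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical chain layout (an assumption for this example, not wolfSSL's):
 * each certificate is a 3-byte big-endian DER length followed by DER bytes. */
#define CERT_LEN_PREFIX 3u
#define MAX_CERT_LEN    0xFFFFFFu   /* largest value a 3-byte length can hold */

typedef struct {
    unsigned char *buf;   /* heap buffer holding the framed certificates */
    size_t         len;   /* bytes of buf currently in use */
} chain_t;

/* Bug class from the advisory: the new size is computed in a fixed-width type
 * with no range check, so large operands wrap and a later allocation of the
 * wrapped size is too small for the memcpy. This only computes, never allocates. */
static uint32_t chain_new_size_unchecked(uint32_t curSz, uint32_t derSz)
{
    return curSz + CERT_LEN_PREFIX + derSz;   /* wraps modulo 2^32 */
}

/* Hardened computation: rejects a DER length the framing cannot represent and
 * tests the addition against SIZE_MAX before performing it. Returns the new
 * total, or 0 on failure (0 is never valid because derSz == 0 is rejected). */
static size_t chain_new_size_checked(size_t curSz, size_t derSz)
{
    if (derSz == 0 || derSz > MAX_CERT_LEN)
        return 0;
    if (curSz > SIZE_MAX - CERT_LEN_PREFIX - derSz)   /* sum would overflow */
        return 0;
    return curSz + CERT_LEN_PREFIX + derSz;
}

/* Appends one DER certificate. The size check runs before realloc and before
 * any byte of der is read, so a bad length leaves the chain untouched. */
static int chain_append(chain_t *c, const unsigned char *der, size_t derSz)
{
    size_t newSz = (c != NULL && der != NULL) ? chain_new_size_checked(c->len, derSz) : 0;
    unsigned char *p;

    if (newSz == 0)
        return -1;
    p = realloc(c->buf, newSz);
    if (p == NULL)
        return -1;            /* old buffer is still valid and still owned by c */
    c->buf = p;
    p += c->len;
    p[0] = (unsigned char)(derSz >> 16);
    p[1] = (unsigned char)(derSz >> 8);
    p[2] = (unsigned char)derSz;
    memcpy(p + CERT_LEN_PREFIX, der, derSz);
    c->len = newSz;
    return 0;
}

/* Walks the framing; returns the certificate count, or -1 if a prefix points
 * past the end of the buffer. */
static int chain_cert_count(const chain_t *c)
{
    size_t off = 0;
    int n = 0;

    while (off < c->len) {
        size_t l;
        if (c->len - off < CERT_LEN_PREFIX)
            return -1;
        l = ((size_t)c->buf[off] << 16) | ((size_t)c->buf[off + 1] << 8)
            | (size_t)c->buf[off + 2];
        off += CERT_LEN_PREFIX;
        if (l > c->len - off)
            return -1;
        off += l;
        n++;
    }
    return n;
}

static void chain_free(chain_t *c)
{
    free(c->buf);
    c->buf = NULL;
    c->len = 0;
}

/* Builds a two-certificate chain from a constructed DER stub (not a real cert),
 * checks that an oversized length claim is refused without changing the chain,
 * and returns the parsed count (2) or -1 on any failure. */
static int demo_roundtrip(void)
{
    static const unsigned char toy_der[] = { 0x30, 0x03, 0x02, 0x01, 0x01 };
    const size_t expect = 2 * (CERT_LEN_PREFIX + sizeof toy_der);
    chain_t c = { NULL, 0 };
    int n = -1;

    if (chain_append(&c, toy_der, sizeof toy_der) != 0) goto out;
    if (chain_append(&c, toy_der, sizeof toy_der) != 0) goto out;
    if (c.len != expect) goto out;
    if (chain_append(&c, toy_der, (size_t)MAX_CERT_LEN + 1) != -1) goto out;
    if (c.len != expect) goto out;   /* refused append must not have grown it */
    n = chain_cert_count(&c);
out:
    chain_free(&c);
    return n;
}
```

The point to carry into a real code review is the ordering in chain_append: the representable-length and overflow checks run on the caller's numbers before realloc and before the input is dereferenced, so the allocation size and the copy size can never disagree. chain_new_size_unchecked(0xFFFFFFF0, 0x20) returning 0x13 is the arithmetic behind the advisory's "insufficiently sized certificate buffer".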

Affected Systems

The flaw affects the wolfSSL library, particularly when the APIs wolfSSL_CTX_add_extra_chain_cert, wolfSSL_CTX_add1_chain_cert, and wolfSSL_add0_chain_cert are used. These APIs are enabled for third‑party compatibility with OpenSSL, LibreSSL, Lighty, stunnel, nginx, and haproxy. No specific version ranges are provided.

Risk and Exploitability

CVSS is 1.2, reflecting low impact and limited exploitation. EPSS is under 1%, and the issue is not listed in the CISA KEV catalog. Since the flaw is local and requires control over the certificate loading process, it is unlikely to be leveraged in a remote attack. Nonetheless, if an attacker already has local code execution privileges, they could use the overflow to corrupt memory and potentially alter program behavior.

Generated by OpenCVE AI on March 26, 2026 at 22:40 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update wolfSSL to the latest release or apply any available patch that addresses the integer overflow in the certificate chain allocator.
  • Disable unused compatibility build options (enable-opensslall, enable-opensslextra, enable-lighty, enable-stunnel, enable-nginx, enable-haproxy) if the APIs they enable are not required.
  • Verify that certificate buffers are adequately sized before passing certificates to wolfSSL.
  • Conduct a code review or audit of any custom certificate handling paths in the application.
  • Monitor the application for abnormal crashes or memory corruption indicators after configuration changes.


Advisories

No advisories yet.

History

Thu, 26 Mar 2026 21:00:00 +0000

Type    | Values Removed | Values Added
CPEs    |                | cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*
Metrics |                | cvssV3_1 {'score': 5.5, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H'}

Fri, 20 Mar 2026 17:15:00 +0000

Type    | Values Removed | Values Added
Metrics |                | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 20 Mar 2026 09:00:00 +0000

Type                | Values Removed | Values Added
First Time appeared |                | Wolfssl, Wolfssl wolfssl
Vendors & Products  |                | Wolfssl, Wolfssl wolfssl

Thu, 19 Mar 2026 21:15:00 +0000

Type        | Values Removed | Values Added
Description |                | An integer overflow vulnerability existed in the static function wolfssl_add_to_chain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssl_add_to_chain is called by these API: wolfSSL_CTX_add_extra_chain_cert, wolfSSL_CTX_add1_chain_cert, wolfSSL_add0_chain_cert. These API are enabled for 3rd party compatibility features: enable-opensslall, enable-opensslextra, enable-lighty, enable-stunnel, enable-nginx, enable-haproxy. This issue is not remotely exploitable, and would require that the application context loading certificates is compromised.
Title       |                | Integer Overflow in Certificate Chain Allocation
Weaknesses  |                | CWE-122
References  |                |
Metrics     |                | cvssV4_0 {'score': 1.2, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green'}

MITRE

Status: PUBLISHED

Assigner: wolfSSL

Published:

Updated: 2026-03-20T16:29:47.729Z

Reserved: 2026-02-25T20:41:05.804Z

Link: CVE-2026-3229

Vulnrichment

Updated: 2026-03-20T16:29:43.040Z

NVD

Status : Analyzed

Published: 2026-03-19T21:17:12.330

Modified: 2026-03-26T20:57:44.620

Link: CVE-2026-3229

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-27T09:21:37Z

Weaknesses