Description
Integer underflow in wolfSSL packet sniffer <= 5.9.0 allows an attacker to cause a program crash in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by ssl_DecodePacket. The underflow wraps a 16-bit length to a large value that is passed to AEAD decryption routines, causing a large out-of-bounds read and crash. An unauthenticated attacker can trigger this remotely via malformed TLS Application Data records.
Published: 2026-04-09
Score: 2.1 Low
EPSS: < 1% Very Low
KEV: No
Impact: Denial of Service via program crash
Action: Patch
AI Analysis

Impact

An integer underflow in the packet sniffer’s ChaCha decrypt path misinterprets a TLS record length, causing the AEAD routine to read a large, invalid buffer. This out‑of‑bounds read terminates the process, yielding a denial‑of‑service condition. The flaw is a classic integer underflow (CWE‑191) that does not disclose data or alter the encrypted content.

Affected Systems

wolfSSL library versions 5.9.0 and earlier contain the vulnerable logic. Any deployment that activates the packet sniffer on traffic that includes TLS records, regardless of the host operating system or programming language, may be affected.

Risk and Exploitability

With a CVSS score of 2.1 the vulnerability is considered low severity. The exploit does not require authentication and can be triggered remotely by sending malformed TLS Application Data records. The attacker only gains a process crash, leading to denial of service. There is no evidence of active exploitation, as it is not listed in the CISA known exploited vulnerabilities catalog, and the EPSS score is unavailable.

Generated by OpenCVE AI on April 10, 2026 at 00:24 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade wolfSSL to a version newer than 5.9.0.
  • If upgrade cannot be performed immediately, disable the packet sniffer or the ChaCha decryption path.
  • Monitor logs for crashes or segmentation faults that may indicate exploitation attempts.

Generated by OpenCVE AI on April 10, 2026 at 00:24 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 29 Apr 2026 15:00:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*
Metrics cvssV3_1

{'score': 6.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H'}

Fri, 10 Apr 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Fri, 10 Apr 2026 09:00:00 +0000

Type Values Removed Values Added
First Time appeared Wolfssl
Wolfssl wolfssl
Vendors & Products Wolfssl
Wolfssl wolfssl

Thu, 09 Apr 2026 22:00:00 +0000

Type Values Removed Values Added
Description Integer underflow in wolfSSL packet sniffer <= 5.9.0 allows an attacker to cause a program crash in the AEAD decryption path by injecting a TLS record shorter than the explicit IV plus authentication tag into traffic inspected by ssl_DecodePacket. The underflow wraps a 16-bit length to a large value that is passed to AEAD decryption routines, causing a large out-of-bounds read and crash. An unauthenticated attacker can trigger this remotely via malformed TLS Application Data records.
Title Integer underflow leads to out-of-bounds access in sniffer ChaCha decrypt path.
Weaknesses CWE-191
References
Metrics cvssV4_0

{'score': 2.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:P/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N'}

Subscriptions

Wolfssl Wolfssl
cve-icon MITRE

Status: PUBLISHED

Assigner: wolfSSL

Published:

Updated: 2026-04-10T13:53:29.181Z

Reserved: 2026-04-08T08:25:15.400Z

Link: CVE-2026-5778

cve-icon Vulnrichment

Updated: 2026-04-10T13:53:24.721Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-09T22:16:37.097

Modified: 2026-04-29T14:50:39.593

Link: CVE-2026-5778

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-10T09:27:42Z

Weaknesses