Description
Out-of-bounds write in SetSuitesHashSigAlgo when processing an oversized signature algorithms list, allowing a write past the bounds of the destination buffer.
Published: 2026-06-25
Score: 2 Low
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A buffer overflow occurs in SetSuitesHashSigAlgo when wolfSSL processes a signature algorithms list that exceeds the expected size, resulting in a write past the bounds of the destination buffer. The out-of-bounds write can corrupt adjacent memory and potentially cause a crash or other undefined behavior.

Affected Systems

The vulnerability resides in the wolfSSL library from the vendor wolfSSL. No specific versions are mentioned in the available data.

Risk and Exploitability

The CVSS score of 2 indicates a low severity and there is no EPSS data or KEV listing. The flaw is triggered when a TLS handshake or certificate chain includes an oversized signature algorithm list, which the system will process unconditionally. The likely attack requires an attacker to provide such a crafted input, which can be delivered either remotely through network connections or locally if the application accepts arbitrary TLS input. Successful exploitation would result only in memory corruption without a guaranteed execution vector, but the potential for crashes or unintended behavior remains. The low severity score suggests that wide-scale exploitation is unlikely at present.

Generated by OpenCVE AI on June 25, 2026 at 23:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the official patch or upgrade to the latest version of wolfSSL that eliminates the out-of-b SetSuitesHashSigAlgo to reject or limit the size of signature algorithm lists received in TLS handshakes
  • If an apply a temporary fix by truncating oversized lists to the maximum allowed length before they are processed
  • Configure the TLS layer to reject connections that present oversized signature algorithm lists, ensuring the input never reaches wolfSSL

Generated by OpenCVE AI on June 25, 2026 at 23:27 UTC.

Tracking

Sign in to view the affected projects.

Advisories
Source ID Title
Debian DLA Debian DLA DLA-4683-1 wolfssl security update
History

Fri, 26 Jun 2026 11:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Fri, 26 Jun 2026 02:45:00 +0000

Type Values Removed Values Added
First Time appeared Wolfssl
Wolfssl wolfssl
Vendors & Products Wolfssl
Wolfssl wolfssl

Thu, 25 Jun 2026 21:30:00 +0000

Type Values Removed Values Added
Description Out-of-bounds write in SetSuitesHashSigAlgo when processing an oversized signature algorithms list, allowing a write past the bounds of the destination buffer.
Title Out-of-bounds write in SetSuitesHashSigAlgo on oversized signature algorithms list
Weaknesses CWE-787
References
Metrics cvssV4_0

{'score': 2, 'vector': 'CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:P/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/U:Clear'}


cve-icon MITRE

Status: PUBLISHED

Assigner: wolfSSL

Published:

Updated: 2026-06-26T10:23:33.220Z

Reserved: 2026-04-14T20:57:15.490Z

Link: CVE-2026-6325

cve-icon Vulnrichment

Updated: 2026-06-26T10:23:05.935Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-26T02:30:16Z

Weaknesses