Impact
A buffer overflow occurs in SetSuitesHashSigAlgo when wolfSSL processes a signature algorithms list that exceeds the expected size, resulting in a write past the bounds of the destination buffer. The out-of-bounds write can corrupt adjacent memory and potentially cause a crash or other undefined behavior.
Affected Systems
The vulnerability resides in the wolfSSL library from the vendor wolfSSL. No specific versions are mentioned in the available data.
Risk and Exploitability
The CVSS score of 2 indicates a low severity and there is no EPSS data or KEV listing. The flaw is triggered when a TLS handshake or certificate chain includes an oversized signature algorithm list, which the system will process unconditionally. The likely attack requires an attacker to provide such a crafted input, which can be delivered either remotely through network connections or locally if the application accepts arbitrary TLS input. Successful exploitation would result only in memory corruption without a guaranteed execution vector, but the potential for crashes or unintended behavior remains. The low severity score suggests that wide-scale exploitation is unlikely at present.
OpenCVE Enrichment
Debian DLA