CVE-2023-6936 Information
Feb 21, 2024
Description
In wolfSSL prior to 5.6.6, if callback functions are enabled (via the WOLFSSL_CALLBACKS flag), a malicious TLS client or network attacker can trigger a 5-byte buffer over-read on the heap. WOLFSSL_CALLBACKS is only intended for debugging.
Reference
https://github.com/wolfSSL/wolfssl/pull/6949/
https://www.wolfssl.com/docs/security-vulnerabilities/