Description

An integer overflow vulnerability existed in the static function wolfssl_add_to_chain that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssl_add_to_chain is called by these APIs: wolfSSL_CTX_add_extra_chain_cert, wolfSSL_CTX_add1_chain_cert, and wolfSSL_add0_chain_cert. These APIs are enabled by the third-party compatibility build options enable-opensslall, enable-opensslextra, enable-lighty, enable-stunnel, enable-nginx, and enable-haproxy. This issue is not remotely exploitable and would require that the application context loading the certificates is already compromised.

Status: PUBLISHED | Reserved 2026-02-25 | Published 2026-03-19 | Updated 2026-03-20 | Assigner: wolfSSL

Severity: LOW 1.2 (CVSS:4.0/AV:L/AC:L/AT:P/PR:N/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/U:Green)

Problem types

CWE-122 Heap-based buffer overflow

Product status

Default status: unaffected

Any version before 5.9.0: affected

Credits

Kunyuk (finder)

Pelioro (finder)

References

github.com/wolfSSL/wolfssl/pull/9827

cve.org (CVE-2026-3229)

nvd.nist.gov (CVE-2026-3229)