The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
Upgrade wolfssl/wolfssl to version 5.6.6 or higher.
Affected versions of this package are vulnerable to the Marvin Attack due to improper handling of (D)TLS records that do not check whether messages span key boundaries. An attacker can exploit this vulnerability to combine (D)TLS messages using different keys into one (D)TLS record.
Notes:
An unencrypted (D)TLS 1.3 record from the server containing a ServerHello message followed by the rest of the first server flight could be accepted by a client.
This vulnerability does not compromise key negotiation and authentication but allows for the acceptance of an unencrypted flight from the server, which is not intended behaviour.
This issue is around RSA decryption and affects the optional static RSA cipher suites on the server side, which are considered weak, are not recommended, and are off by default in wolfSSL, even with --enable-all.
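As an added illustration of the record-boundary problem described in the notes above (this is example code written for this page, not wolfSSL's code and not taken from the advisory), the following Python models the client-side check a TLS 1.3 record layer needs: every handshake message inside one record must belong to the same key epoch, and once ServerHello has been seen every further server handshake record must arrive encrypted under the handshake traffic keys. The record model (a boolean "encrypted" flag plus a tuple of message names) and the sample flights are constructed for the example; the message names are the standard TLS 1.3 handshake types.

```python
"""Toy TLS 1.3 client-side record validator (added example, not wolfSSL code).

A record is modelled as (encrypted: bool, messages: tuple of handshake
message names). Two checks mirror the advisory's notes: a record must not
carry messages from different key epochs, and after ServerHello no plaintext
server handshake record may be accepted.
"""

# Messages legitimately sent in plaintext before handshake keys exist.
PLAINTEXT_MESSAGES = {"ServerHello", "HelloRetryRequest"}

# Messages that must be protected by the handshake traffic keys.
ENCRYPTED_MESSAGES = {
    "EncryptedExtensions", "CertificateRequest", "Certificate",
    "CertificateVerify", "Finished",
}


def validate_server_flight(records):
    """Return (ok, reason) for an iterable of (encrypted, messages) records."""
    handshake_keys_active = False
    for idx, (encrypted, messages) in enumerate(records):
        if not messages:
            return False, f"record {idx}: empty handshake record"

        # Classify every message in the record by the key epoch it belongs to.
        epochs = set()
        for msg in messages:
            if msg in PLAINTEXT_MESSAGES:
                epochs.add("plaintext")
            elif msg in ENCRYPTED_MESSAGES:
                epochs.add("handshake")
            else:
                return False, f"record {idx}: unexpected message {msg}"

        # A single record must never span a key boundary.
        if len(epochs) != 1:
            return False, f"record {idx}: messages span a key boundary"
        epoch = epochs.pop()

        if handshake_keys_active:
            # Everything after ServerHello must be encrypted handshake data.
            if not encrypted or epoch != "handshake":
                return False, f"record {idx}: plaintext record after ServerHello"
        else:
            # Before ServerHello only plaintext hello messages are acceptable.
            if encrypted or epoch != "plaintext":
                return False, f"record {idx}: encrypted data before ServerHello"
            if "ServerHello" in messages:
                handshake_keys_active = True
    return True, "ok"


# Constructed sample flights (not captured traffic).
GOOD_FLIGHT = [
    (False, ("ServerHello",)),
    (True, ("EncryptedExtensions", "Certificate", "CertificateVerify", "Finished")),
]
# One plaintext record carrying ServerHello plus the rest of the flight.
SPANNING_RECORD = [
    (False, ("ServerHello", "EncryptedExtensions", "Certificate",
             "CertificateVerify", "Finished")),
]
# ServerHello in its own record, but the rest of the flight still unencrypted.
PLAINTEXT_AFTER_SH = [
    (False, ("ServerHello",)),
    (False, ("EncryptedExtensions", "Certificate", "CertificateVerify", "Finished")),
]

if __name__ == "__main__":
    for name, flight in [("good", GOOD_FLIGHT), ("spanning", SPANNING_RECORD),
                         ("plaintext-after-sh", PLAINTEXT_AFTER_SH)]:
        print(name, validate_server_flight(flight))
```

The validator accepts only the first flight; the other two are the shapes the advisory's notes warn about, rejected with a reason that names the record at fault. A real record layer would also track epochs for DTLS and enforce the same rule on the server side, but the state machine is the same.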