Unrated severityNVD Advisory· Published Jul 29, 2019· Updated Aug 5, 2024
CVE-2019-14431
CVE-2019-14431
Description
In MatrixSSL 3.8.3 Open through 4.2.1 Open, the DTLS server mishandles incoming network messages leading to a heap-based buffer overflow of up to 256 bytes and possible Remote Code Execution in parseSSLHandshake in sslDecode.c. During processing of a crafted packet, the server mishandles the fragment length value provided in the DTLS message.
Affected products
2- MatrixSSL/MatrixSSLdescription
Patches
Vulnerability mechanics
References
1- github.com/matrixssl/matrixssl/issues/30mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.