DEBIAN-CVE-2026-3229

See a problem?
Please try reporting it to the source first.

Source

https://security-tracker.debian.org/tracker/CVE-2026-3229

Import Source

https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-3229.json

JSON Data

https://api.osv.dev/v1/vulns/DEBIAN-CVE-2026-3229

Upstream

CVE-2026-3229

Published

2026-03-19T21:17:12.330Z

Modified

2026-03-27T10:03:14.389646Z

Severity

5.5 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H CVSS Calculator

Summary

[none]

Details

An integer overflow vulnerability existed in the static function wolfssladdtochain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssladdtochain is called by these API: wolfSSLCTXaddextrachaincert, wolfSSLCTXadd1chaincert, wolfSSLadd0chaincert. These API are enabled for 3rd party compatibility features: enable-opensslall, enable-opensslextra, enable-lighty, enable-stunnel, enable-nginx, enable-haproxy. This issue is not remotely exploitable, and would require that the application context loading certificates is compromised.

References

https://security-tracker.debian.org/tracker/CVE-2026-3229

Affected packages

Debian:11 / wolfssl

Package

Name: wolfssl
Purl: pkg:deb/debian/wolfssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

4.*

4.6.0-3

4.6.0+p1-0+deb11u1

4.6.0+p1-0+deb11u2

5.*

5.0.0-1~bpo11+1

5.0.0-1

5.1.1-1~bpo11+1

5.1.1-1

5.2.0-1

5.2.0-2~bpo11+1

5.2.0-2

5.5.3-1

5.5.3-2

5.5.3-3~bpo11+1

5.5.3-3

5.5.4-1

5.5.4-2~bpo11+1

5.5.4-2

5.5.4-2.1

5.6.4-1

5.6.4-2

5.6.6-1

5.6.6-1.1

5.6.6-1.2

5.6.6-1.3~exp1

5.6.6-1.3

5.7.0-0.1

5.7.0-0.2

5.7.0-0.3

5.7.2-0.1

5.7.2-0.2

5.7.2-0.3

5.7.2-0.4

5.8.2-1

5.8.2-1.1

5.8.2-1.2

5.8.4-1

5.9.0-0.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-3229.json"

Debian:12 / wolfssl

Package

Name: wolfssl
Purl: pkg:deb/debian/wolfssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.5.4-2

5.5.4-2+deb12u1

5.5.4-2+deb12u2

5.5.4-2.1

5.6.4-1

5.6.4-2

5.6.6-1

5.6.6-1.1

5.6.6-1.2

5.6.6-1.3~exp1

5.6.6-1.3

5.7.0-0.1

5.7.0-0.2

5.7.0-0.3

5.7.2-0.1

5.7.2-0.2

5.7.2-0.3

5.7.2-0.4

5.8.2-1

5.8.2-1.1

5.8.2-1.2

5.8.4-1

5.9.0-0.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-3229.json"

Debian:13 / wolfssl

Package

Name: wolfssl
Purl: pkg:deb/debian/wolfssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

5.*

5.7.2-0.1

5.7.2-0.1+deb13u1

5.7.2-0.2

5.7.2-0.3

5.7.2-0.4

5.8.2-1

5.8.2-1.1

5.8.2-1.2

5.8.4-1

5.9.0-0.1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-3229.json"

Debian:14 / wolfssl

Package

Name: wolfssl
Purl: pkg:deb/debian/wolfssl?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.9.0-0.1

Affected versions

5.*

5.7.2-0.1

5.7.2-0.2

5.7.2-0.3

5.7.2-0.4

5.8.2-1

5.8.2-1.1

5.8.2-1.2

5.8.4-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Database specific

source

"https://storage.googleapis.com/debian-osv/debian-cve-osv/DEBIAN-CVE-2026-3229.json"