{"api_version":"1","generated_at":"2026-04-10T10:21:55+00:00","cve":"CVE-2022-38152","urls":{"html":"https://cve.report/CVE-2022-38152","api":"https://cve.report/api/cve/CVE-2022-38152.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2022-38152","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2022-38152"},"summary":{"title":"CVE-2022-38152","description":"An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSL_clear is called on its session, the server crashes with a segmentation fault. This occurs in the second session, which is created through TLS session resumption and reuses the initial struct WOLFSSL. If the server reuses the previous session structure (struct WOLFSSL) by calling wolfSSL_clear(WOLFSSL* ssl) on it, the next received Client Hello (that resumes the previous session) crashes the server. Note that this bug is only triggered when resuming sessions using TLS session resumption. Only servers that use wolfSSL_clear instead of the recommended SSL_free; SSL_new sequence are affected. Furthermore, wolfSSL_clear is part of wolfSSL's compatibility layer and is not enabled by default. It is not part of wolfSSL's native API.","state":"PUBLIC","assigner":"cve@mitre.org","published_at":"2022-08-31 17:15:00","updated_at":"2023-03-01 15:50:00"},"problem_types":["CWE-754"],"metrics":[],"references":[{"url":"https://www.wolfssl.com/docs/security-vulnerabilities/","name":"https://www.wolfssl.com/docs/security-vulnerabilities/","refsource":"CONFIRM","tags":[],"title":"wolfSSL Security Vulnerabilities | Documentation – wolfSSL","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/","name":"https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/","refsource":"MISC","tags":[],"title":"Keeping the wolves out of wolfSSL | Trail of Bits Blog","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://github.com/wolfSSL/wolfssl/pull/5468","name":"https://github.com/wolfSSL/wolfssl/pull/5468","refsource":"MISC","tags":[],"title":"Fixes to better handle re-use of a WOLFSSL object via wolfSSL_clear by SparkiDev · Pull Request #5468 · wolfSSL/wolfssl · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"http://packetstormsecurity.com/files/170604/wolfSSL-Session-Resumption-Denial-Of-Service.html","name":"http://packetstormsecurity.com/files/170604/wolfSSL-Session-Resumption-Denial-Of-Service.html","refsource":"MISC","tags":[],"title":"wolfSSL Session Resumption Denial Of Service ≈ Packet Storm","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/wolfSSL/wolfssl/releases","name":"https://github.com/wolfSSL/wolfssl/releases","refsource":"MISC","tags":[],"title":"Releases · wolfSSL/wolfssl · GitHub","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://seclists.org/fulldisclosure/2023/Jan/7","name":"20230119 wolfSSL before 5.5.0: Denial-of-service with session resumption","refsource":"FULLDISC","tags":[],"title":"Full Disclosure: wolfSSL before 5.5.0: Denial-of-service with session resumption","mime":"text/html","httpstatus":"200","archivestatus":"404"},{"url":"https://github.com/tlspuffin/tlspuffin","name":"https://github.com/tlspuffin/tlspuffin","refsource":"MISC","tags":[],"title":"GitHub - tlspuffin/tlspuffin: A symbolic-model-guided fuzzer for TLS","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2022-38152","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2022-38152","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2022","cve_id":"38152","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"a","cpe4":"wolfssl","cpe5":"wolfssl","cpe6":"*","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":null,"legacy_qids":[{"cve":"CVE-2022-38152","qid":"184277","title":"Debian Security Update for wolfssl (CVE-2022-38152)"},{"cve":"CVE-2022-38152","qid":"502967","title":"Alpine Linux Security Update for wolfssl"},{"cve":"CVE-2022-38152","qid":"505833","title":"Alpine Linux Security Update for wolfssl"}]},"source_records":{"cve_program":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2022-38152","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSL_clear is called on its session, the server crashes with a segmentation fault. This occurs in the second session, which is created through TLS session resumption and reuses the initial struct WOLFSSL. If the server reuses the previous session structure (struct WOLFSSL) by calling wolfSSL_clear(WOLFSSL* ssl) on it, the next received Client Hello (that resumes the previous session) crashes the server. Note that this bug is only triggered when resuming sessions using TLS session resumption. Only servers that use wolfSSL_clear instead of the recommended SSL_free; SSL_new sequence are affected. Furthermore, wolfSSL_clear is part of wolfSSL's compatibility layer and is not enabled by default. It is not part of wolfSSL's native API."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"url":"https://github.com/wolfSSL/wolfssl/releases","refsource":"MISC","name":"https://github.com/wolfSSL/wolfssl/releases"},{"refsource":"CONFIRM","name":"https://www.wolfssl.com/docs/security-vulnerabilities/","url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"refsource":"MISC","name":"https://github.com/wolfSSL/wolfssl/pull/5468","url":"https://github.com/wolfSSL/wolfssl/pull/5468"},{"refsource":"MISC","name":"https://github.com/tlspuffin/tlspuffin","url":"https://github.com/tlspuffin/tlspuffin"},{"refsource":"FULLDISC","name":"20230119 wolfSSL before 5.5.0: Denial-of-service with session resumption","url":"http://seclists.org/fulldisclosure/2023/Jan/7"},{"refsource":"MISC","name":"http://packetstormsecurity.com/files/170604/wolfSSL-Session-Resumption-Denial-Of-Service.html","url":"http://packetstormsecurity.com/files/170604/wolfSSL-Session-Resumption-Denial-Of-Service.html"},{"refsource":"MISC","name":"https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/","url":"https://blog.trailofbits.com/2023/01/12/wolfssl-vulnerabilities-tlspuffin-fuzzing-ssh/"}]}},"nvd":{"publishedDate":"2022-08-31 17:15:00","lastModifiedDate":"2023-03-01 15:50:00","problem_types":["CWE-754"],"metrics":{"baseMetricV3":{"cvssV3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"},"exploitabilityScore":3.9,"impactScore":3.6}},"configurations":{"CVE_data_version":"4.0","nodes":[{"operator":"OR","children":[],"cpe_match":[{"vulnerable":true,"cpe23Uri":"cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*","versionEndExcluding":"5.5.0","cpe_name":[]}]}]}},"legacy_mitre":{"record":null,"notes":[]}}}