CVE-2026-0819 in wolfSSL
Summary
by MITRE • 03/19/2026
A stack buffer overflow vulnerability exists in wolfSSL's PKCS7 SignedData encoding functionality. In wc_PKCS7_BuildSignedAttributes(), when adding custom signed attributes, the code passes an incorrect capacity value (esd->signedAttribsCount) to EncodeAttributes() instead of the remaining available space in the fixed-size signedAttribs[7] array. When an application sets pkcs7->signedAttribsSz to a value greater than MAX_SIGNED_ATTRIBS_SZ (default 7) minus the number of default attributes already added, EncodeAttributes() writes beyond the array bounds, causing stack memory corruption. In WOLFSSL_SMALL_STACK builds, this becomes heap corruption. Exploitation requires an application that allows untrusted input to control the signedAttribs array size when calling wc_PKCS7_EncodeSignedData() or related signing functions.
Analysis
by VulDB Data Team • 05/05/2026
CVE-2026-0819 is a critical stack buffer overflow in wolfSSL's PKCS7 SignedData encoding implementation that stems from improper bounds checking during attribute processing. The flaw is in the wc_PKCS7_BuildSignedAttributes() function, which passes the total count of signed attributes as the capacity for custom signed attributes rather than the space remaining in the fixed-size signedAttribs[7] array. Because the capacity passed does not reflect the actual bounds of the destination buffer, arbitrary data can be written beyond the allocated stack space.
The overflow is triggered when an application sets pkcs7->signedAttribsSz above the safe threshold defined by MAX_SIGNED_ATTRIBS_SZ, which defaults to seven attributes, once the default attributes already added are taken into account. EncodeAttributes() then writes beyond the end of the signedAttribs[7] array, corrupting the stack and potentially overwriting adjacent memory, including return addresses and local variables. The vulnerability is a classic buffer overflow, classified under CWE-121 (stack-based buffer overflow), CWE-129 (improper validation of array index) and CWE-787 (out-of-bounds write).
The operational impact extends beyond simple memory corruption and can potentially enable arbitrary code execution when exploited successfully. In standard wolfSSL configurations, the stack corruption can overwrite critical execution context information, leading to denial of service or potential remote code execution depending on the attacker's ability to control the overflow data. The vulnerability is particularly severe in WOLFSSL_SMALL_STACK build configurations, where the stack-based memory corruption becomes heap corruption, providing additional attack surface and complexity for exploitation. Because untrusted input must control the signedAttribs array size, applications that process external PKCS7 data are the most exposed, particularly those implementing custom attribute handling in cryptographic signing operations.
Mitigation for CVE-2026-0819 should prioritize immediate code updates from wolfSSL that address the incorrect capacity calculation in the wc_PKCS7_BuildSignedAttributes() function. Organizations should implement strict input validation on all PKCS7 attribute size parameters and establish bounds checks that prevent signedAttribsSz from exceeding the maximum allowed attribute count. Security-conscious applications should also consider defensive programming practices such as using safe string handling functions, enabling compiler-based stack protection mechanisms, and deploying runtime memory corruption detection tools. The vulnerability aligns with ATT&CK technique T1059.007 for command and script injection through buffer overflow exploitation, and represents a significant risk to cryptographic implementations that rely on wolfSSL for PKCS7 processing, particularly in enterprise environments where external data processing is common. Additionally, organizations should monitor for similar patterns in other cryptographic libraries and implement comprehensive testing procedures that include fuzzing of PKCS7 attribute handling functions to identify similar vulnerabilities in their cryptographic toolchains.
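
The capacity error described above and the bounds check recommended as mitigation, shown as an added example that is not wolfSSL source and not part of the original advisory. It is a simplified model: the Attrib type and the functions slots_filled, end_index_flawed and append_custom are hypothetical, and it assumes the count passed as capacity already includes the custom attributes, which matches the overflow condition given in the summary.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define MAX_SIGNED_ATTRIBS_SZ 7            /* default stated in the advisory */

typedef struct { int id; } Attrib;         /* stand-in for one encoded attribute */

/* Model of an encoder that trusts its caller: it fills min(capacity, n)
 * slots. Only the count is computed here, nothing is written. */
static size_t slots_filled(size_t capacity, size_t n)
{
    return n < capacity ? n : capacity;
}

/* Flawed call: capacity is the attribute count (assumed to include the
 * custom ones), so it never limits n. Returns one past the last index. */
size_t end_index_flawed(size_t defaults, size_t custom)
{
    size_t count = defaults + custom;
    return defaults + slots_filled(count, custom);
}

/* Hardened append: capacity is the space left after the defaults, and an
 * oversized request is rejected rather than truncated. Returns the new
 * attribute count, or -1 on error. */
int append_custom(Attrib dst[MAX_SIGNED_ATTRIBS_SZ], size_t defaults,
                  const Attrib *custom, size_t n)
{
    if (defaults > MAX_SIGNED_ATTRIBS_SZ || (n > 0 && custom == NULL))
        return -1;
    if (n > MAX_SIGNED_ATTRIBS_SZ - defaults)
        return -1;
    if (n > 0)
        memcpy(&dst[defaults], custom, n * sizeof *custom);
    return (int)(defaults + n);
}

int main(void)
{
    Attrib dst[MAX_SIGNED_ATTRIBS_SZ] = {{0}};
    Attrib custom[6] = {{1}, {2}, {3}, {4}, {5}, {6}};   /* constructed input */

    printf("flawed end index, 3 defaults + 6 custom: %zu (array holds %d)\n",
           end_index_flawed(3, 6), MAX_SIGNED_ATTRIBS_SZ);
    printf("hardened, 4 custom: %d\n", append_custom(dst, 3, custom, 4));
    printf("hardened, 6 custom: %d\n", append_custom(dst, 3, custom, 6));
    return 0;
}
```

An application can apply the same check to signedAttribsSz before calling the signing functions, independent of the library version in use.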