PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS#12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS#12 structure using a length taken directly from the attacker-supplied input, without first verifying that it equals the length of the digest actually produced by the configured algorithm. A truncated or zero-length stored MAC could therefore be accepted, defeating the integrity protection of the MAC.
Advisories
| Source | ID | Title |
|---|---|---|
Debian DLA |
DLA-4683-1 | wolfssl security update |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Fri, 26 Jun 2026 11:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Fri, 26 Jun 2026 01:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Wolfssl
Wolfssl wolfssl |
|
| Vendors & Products |
Wolfssl
Wolfssl wolfssl |
Thu, 25 Jun 2026 21:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | PKCS#12 MAC verification uses an attacker-controlled comparison length, weakening the integrity check on the MAC and allowing a mismatched MAC to be accepted. The PKCS#12 verify path compared the locally computed HMAC against the MAC parsed from the PKCS#12 structure using a length taken directly from the attacker-supplied input, without first verifying that it equals the length of the digest actually produced by the configured algorithm. A truncated or zero-length stored MAC could therefore be accepted, defeating the integrity protection of the MAC. | |
| Title | PKCS#12 MAC verification uses attacker-controlled comparison length | |
| Weaknesses | CWE-347 | |
| References |
| |
| Metrics |
cvssV4_0
|
Projects
Sign in to view the affected projects.
Status: PUBLISHED
Assigner: wolfSSL
Published:
Updated: 2026-06-26T10:22:21.379Z
Reserved: 2026-04-15T03:08:29.037Z
Link: CVE-2026-6329
Updated: 2026-06-26T10:22:15.776Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-06-26T01:15:04Z
Weaknesses
Debian DLA