Cyber Resilience

CVE-2022-38152

Severity: High · Public PoC

Published: 31 August 2022
Modified: 21 November 2024
KEV Added: not listed
Patch: (no entry)
CVSS Score v3.1: 7.5 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS Score: 0.0191 (83.7th percentile)
Risk Priority: 16 (weighting 60% EPSS · 20% KEV · 20% CVSS)

Summary

CVE-2022-38152 is a high-severity Improper Check for Unusual or Exceptional Conditions (CWE-754) vulnerability in wolfSSL (NVD vendor/product: wolfssl/wolfssl). Its CVSS v3.1 base score is 7.5 (High).

Operationally, it ranks in the top 16.3% of CVEs by EPSS exploit likelihood (83.7th percentile), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

CVE-2022-38152 is a denial-of-service vulnerability in wolfSSL versions before 5.5.0. It manifests when a TLS 1.3 client connects to a wolfSSL server that recycles its WOLFSSL session object with wolfSSL_clear (SSL_clear in the compatibility layer) instead of freeing it: the second session, created through TLS session resumption, reuses the original WOLFSSL struct, and the server crashes with a segmentation fault when it processes the resuming Client Hello. The flaw is therefore limited to servers that call wolfSSL_clear rather than the recommended SSL_free followed by SSL_new, and wolfSSL_clear exists only in wolfSSL's OpenSSL compatibility layer, which is disabled by default and is not part of the native API. The issue is tracked under CWE-754 and carries a CVSS 3.1 base score of 7.5; the vector (network, no privileges, no user interaction) records a high availability impact and no confidentiality or integrity impact.

An unauthenticated remote attacker triggers the crash by completing an initial TLS 1.3 handshake, waiting for the server to recycle the WOLFSSL object with SSL_clear as part of its normal connection handling, and then sending a Client Hello that resumes the first session. No credentials or special client privileges are needed, and the result is an immediate segmentation fault of the server process, so a single resumed connection is enough to take down an affected server.

Public references, including wolfSSL GitHub pull request 5468, indicate that the fix was merged into version 5.5.0. Advisories recommend upgrading to that release or later; operators are also advised to replace any use of wolfSSL_clear with the SSL_free/SSL_new pattern, which allocates a fresh WOLFSSL object for each connection. Servers built without the compatibility layer do not have wolfSSL_clear available and are not affected.

EPSS scores for the CVE rose from a low baseline to a peak of 0.0579 on 2025-12-11 before receding to the current value of 0.0191. EPSS is a model prediction rather than a record of attacks, so a movement of this size can follow a model or data update as readily as a change in attacker interest; it should be read as a transient rise in predicted exploitation likelihood, not as evidence of exploitation. Public artifacts such as Packet Storm and Full Disclosure entries, along with Trail of Bits research on tlspuffin fuzzing, document the issue but do not report widespread in-the-wild exploitation.


Vulnerability details

An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSL_clear is called on its session, the server crashes with a segmentation fault. This occurs in the second session, which is created through TLS session resumption and reuses the initial struct WOLFSSL. If the server reuses the previous session structure (struct WOLFSSL) by calling wolfSSL_clear(WOLFSSL* ssl) on it, the next received Client Hello (that resumes the previous session) crashes the server. Note that this bug is only triggered when resuming sessions using TLS session resumption. Only servers that use wolfSSL_clear instead of the recommended SSL_free; SSL_new sequence are affected. Furthermore, wolfSSL_clear is part of wolfSSL's compatibility layer and is not enabled by default. It is not part of wolfSSL's native API.
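The three preconditions stated in the analysis and the vulnerability details above (a build before 5.5.0, the compatibility layer that provides wolfSSL_clear enabled, and a server that recycles one WOLFSSL object with wolfSSL_clear instead of freeing and re-creating it) can be checked against a code base before anyone reaches for a packet capture. The Python triage helper below is an added example written for this page, not wolfSSL's own code. It assumes the compatibility layer is switched on through wolfSSL's OPENSSL_EXTRA define or the --enable-opensslextra configure flag and ignores other compatibility defines; the server snippets, the user_settings.h content, the file names and the helper names are constructed for illustration.

```python
"""Triage helper for CVE-2022-38152 (wolfSSL_clear reuse + TLS 1.3 resumption).

Added example for this page, not wolfSSL project code. A server is affected only
when all three hold: the build is older than 5.5.0, the compatibility layer that
provides wolfSSL_clear/SSL_clear is enabled (assumed here: OPENSSL_EXTRA or
--enable-opensslextra; other compat defines are out of scope), and the server
recycles a WOLFSSL object with wolfSSL_clear instead of wolfSSL_free/wolfSSL_new.
Sample sources and build inputs are constructed for illustration.
"""
import re
from dataclasses import dataclass

FIXED_VERSION = (5, 5, 0)

# Build-time switches that enable the compatibility layer (assumption, see docstring).
COMPAT_LAYER_MARKERS = (
    re.compile(r"^\s*#\s*define\s+OPENSSL_EXTRA\b", re.MULTILINE),
    re.compile(r"-DOPENSSL_EXTRA\b"),
    re.compile(r"--enable-opensslextra\b"),
)
# The reuse call under both names: the wolfSSL_ function and its OpenSSL-named alias.
CLEAR_CALL = re.compile(r"\b(?:wolfSSL_clear|SSL_clear)\s*\(")


def parse_version(text: str) -> tuple:
    """Extract MAJOR.MINOR.PATCH from strings such as 'wolfSSL 5.4.0' or '5.5.0-stable'."""
    m = re.search(r"(\d+)\.(\d+)\.(\d+)", text)
    if m is None:
        raise ValueError(f"no MAJOR.MINOR.PATCH version in {text!r}")
    return tuple(int(part) for part in m.groups())


def version_is_affected(text: str) -> bool:
    """True when the version is before the fixed release 5.5.0."""
    return parse_version(text) < FIXED_VERSION


def compat_layer_enabled(build_inputs: dict) -> list:
    """Names of build files (user_settings.h, Makefile, configure line) enabling the layer."""
    return [name for name, content in build_inputs.items()
            if any(marker.search(content) for marker in COMPAT_LAYER_MARKERS)]


@dataclass
class ClearUse:
    file: str
    line: int
    text: str


def find_clear_calls(sources: dict) -> list:
    """Every wolfSSL_clear/SSL_clear call site, ignoring trailing // comments."""
    uses = []
    for name, content in sources.items():
        for number, line in enumerate(content.splitlines(), start=1):
            code = line.split("//", 1)[0]
            if CLEAR_CALL.search(code):
                uses.append(ClearUse(name, number, line.strip()))
    return uses


def triage(version: str, build_inputs: dict, sources: dict) -> dict:
    """Combine the three preconditions; 'affected' is True only if all of them hold."""
    old = version_is_affected(version)
    compat_files = compat_layer_enabled(build_inputs)
    clears = find_clear_calls(sources)
    return {"version_before_fix": old, "compat_layer_files": compat_files,
            "clear_calls": clears, "affected": old and bool(compat_files) and bool(clears)}


# Constructed sample: one WOLFSSL object recycled across connections with wolfSSL_clear.
VULNERABLE_SERVER = """\
WOLFSSL *ssl = wolfSSL_new(ctx);
for (;;) {
    int client = accept(listenfd, NULL, NULL);
    wolfSSL_set_fd(ssl, client);
    if (wolfSSL_accept(ssl) == WOLFSSL_SUCCESS)
        serve(ssl);
    wolfSSL_shutdown(ssl);
    close(client);
    wolfSSL_clear(ssl);   /* same struct reused; a resumed session will crash */
}
"""
# Constructed sample: the recommended pattern, a fresh object per connection.
HARDENED_SERVER = """\
for (;;) {
    int client = accept(listenfd, NULL, NULL);
    WOLFSSL *ssl = wolfSSL_new(ctx);
    wolfSSL_set_fd(ssl, client);
    if (wolfSSL_accept(ssl) == WOLFSSL_SUCCESS)
        serve(ssl);
    wolfSSL_shutdown(ssl);
    wolfSSL_free(ssl);
    close(client);
}
"""
# Constructed user_settings.h with the compatibility layer switched on.
USER_SETTINGS_COMPAT = "#define WOLFSSL_TLS13\n#define OPENSSL_EXTRA\n"

if __name__ == "__main__":
    for label, src in (("vulnerable loop", VULNERABLE_SERVER), ("hardened loop", HARDENED_SERVER)):
        verdict = triage("wolfSSL 5.4.0", {"user_settings.h": USER_SETTINGS_COMPAT}, {"server.c": src})
        print(f"{label}: affected={verdict['affected']} clear_calls={verdict['clear_calls']}")
```

A True verdict means the three preconditions the advisory names all hold; it does not prove that the resumption path is reachable in a given deployment. Conversely, a negative verdict that rests only on the version string should be re-checked against the library actually linked at runtime (wolfSSL_lib_version() reports it), since a vendored copy can differ from what the build system declares.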

CWE(s)

CWE-754: Improper Check for Unusual or Exceptional Conditions

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: wolfssl
Product: wolfssl
Versions: before 5.5.0 (fixed in 5.5.0)

Mitigating Controls

Likely Mitigating Controls (AI-generated)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

- addresses CWE-754: Requires detection and response to audit logging failures as an unusual or exceptional condition.
- addresses CWE-754: Implements detection of unusual or exceptional conditions followed by safe mode entry, reducing the window for exploitation of unchecked conditions.
- addresses CWE-754: Training ensures users perform required checks for unusual or exceptional conditions as part of contingency roles, limiting attacker leverage from skipped validations.
- addresses CWE-754: IR testing directly validates checks for unusual or exceptional conditions that could indicate security incidents.
- addresses CWE-754: Requires ongoing monitoring of organization-defined metrics and analysis, enabling checks for unusual or exceptional conditions.
- addresses CWE-754: Security testing routinely checks for unusual or exceptional inputs/conditions, identifying missing validation steps that flaw remediation then resolves.
- addresses CWE-754: Requires detection of unusual conditions followed by a controlled transition to the defined failure state.
- addresses CWE-754: MTTF determination forces explicit checks for conditions that precede predictable component failure.
