CVE-2022-43974: 
MatrixSSL vulnerability analysis and mitigation

MatrixSSL versions 4.0.4 through 4.5.1 contains a critical vulnerability (CVE-2022-43974) in the matrixSslDecodeTls13 function. The vulnerability was discovered by security evaluators from Deutsche Telekom Security and was fixed in version 4.6.0, released in December 2022 (NVD, Telekom Advisory).

The vulnerability is an integer overflow in the matrixSslDecodeTls13 function that can lead to a buffer overflow condition. The issue has been assigned a CVSS v3.1 base score of 9.8 CRITICAL (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), indicating the highest severity level. The vulnerability has been classified as CWE-190 (Integer Overflow or Wraparound) (NVD).

A successful exploitation of this vulnerability could allow a remote attacker to achieve remote code execution and potentially gain complete control over the affected system. The vulnerability affects the confidentiality, integrity, and availability of the system, as indicated by the CVSS scoring (HelpNet Security).

The vulnerability has been patched in MatrixSSL version 4.6.0. Users are strongly advised to upgrade to this version or later to address the security issue. No alternative workarounds have been published (NVD).

The vulnerability was discovered through modern fuzzing techniques by security evaluators at Deutsche Telekom, highlighting the effectiveness of such methods in identifying security flaws in cryptographic implementations (HelpNet Security).