vulnerability

Alpine Linux: CVE-2026-3549: Heap-based Buffer Overflow

Try Surface Command

Back to search

Severity

CVSS

(AV:N/AC:L/Au:N/C:C/I:C/A:C)

Published

Mar 19, 2026

Added

May 29, 2026

Modified

May 29, 2026

Description

Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buffer length, which resulted in writing beyond the bounds of an allocated buffer. Note that in wolfSSL, ECH is off by default, and the ECH standard is still evolving.

Solution

alpine-linux-upgrade-wolfssl

References

CVE-2026-3549
https://attackerkb.com/topics/CVE-2026-3549
https://security.alpinelinux.org/vuln/CVE-2026-3549
https://euvd.enisa.europa.eu/vulnerability/EUVD-2026-13168
CWE-122
EUVD-EUVD-2026-13168

Rapid7 Labs

2026 Global Threat Landscape Report

The predictive window has collapsed. Exploitation follows disclosure in days. See how attackers are accelerating and how to stay ahead.

Get report