tls1.c in Cameron Hamilton-Rich axTLS prior to 2.1.5 has a Buffer Overflow via a crafted sequence of TLS packets because the need_bytes value is mismanaged.
axtls project axtls