Vulnerabilities affecting this package (0)
| Vulnerability |
Summary |
Fixed by |
|
This package is not known to be affected by vulnerabilities.
|
Vulnerabilities fixed by this package (4)
| Vulnerability |
Summary |
Aliases |
|
VCID-15fc-qcja-yfh6
|
wolfCrypt leaks cryptographic information via timing side channel
wolfSSL and wolfCrypt 4.0.0 and earlier (when configured without `--enable-fpecc`, `--enable-sp`, or` --enable-sp-math`) contain a timing side channel in ECDSA signature generation. This allows a local attacker, able to precisely measure the duration of signature operations, to infer information about the nonces used and potentially mount a lattice attack to recover the private key used. The issue occurs because ecc.c scalar multiplication might leak the bit length.
|
CVE-2019-13628
GHSA-q95h-vc86-hv77
|
|
VCID-k6pn-fcqq-q7hs
|
It was found that wolfssl before 3.15.7 is vulnerable to a new variant of the Bleichenbacher attack to perform downgrade attacks against TLS. This may lead to leakage of sensible data.
|
CVE-2018-16870
|
|
VCID-u1xz-kt5a-ybbv
|
examples/benchmark/tls_bench.c in a benchmark tool in wolfSSL through 3.15.7 has a heap-based buffer overflow.
|
CVE-2019-6439
|
|
VCID-vj57-tszp-ruaf
|
wolfSSL 4.0.0 has a Buffer Overflow in DoPreSharedKeys in tls13.c when a current identity size is greater than a client identity size. An attacker sends a crafted hello client packet over the network to a TLSv1.3 wolfSSL server. The length fields of the packet: record length, client hello length, total extensions length, PSK extension length, total identity length, and identity length contain their maximum value which is 2^16. The identity data field of the PSK extension of the packet contains the attack data, to be stored in the undefined memory (RAM) of the server. The size of the data is about 65 kB. Possibly the attacker can perform a remote code execution attack.
|
CVE-2019-11873
|