ChangeLog.md
Lines changed: 6 additions & 6 deletions
Original file line number
Diff line number
Diff line change
@@ -49,7 +49,7 @@ wolfSSL 5.8.4 and earlier on RISC-V RV32I architectures lacks a constant-time so
49
49
A protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion. This issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6. Thanks to Hariprasad Kelassery Valsaraj of Temasek Laboratories for the report. Fixed in PR 9734.
50
50
51
51
*[Low]CVE-2026-4159
52
-
1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wc_PKCS7_DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted content. Note that PKCS7 support is disabled by default. Thanks to Haruto Kimura (Stella). Fixed in PR9945.
52
+
1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wc_PKCS7_DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted content. Note that PKCS7 support is disabled by default. Thanks to Haruto Kimura (Stella). Fixed in PR 9945.
53
53
54
54
*[Low]CVE-2026-4395
55
55
A heap buffer out of bounds write case existed in wolfSSL version 5.8.4 and earlier when importing an ECC key while built with KCAPI support. The fix implemented added a check on the raw pubkey length in wc_ecc_import_x963 before copying it to an internal struct. KCAPI support is turned off by default and only enabled with builds using --enable-kcapi. Thanks to Haruto Kimura (Stella) for the report. Fixed in PR 9988.
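Review bot: The context line `*[Low]CVE-2026-4159` in this ChangeLog.md hunk has no space after the `*` and none around `[Low]`, so Markdown will not render it as a list item; the same entry in README.md reads `* [Low] CVE-2026-4159`. Since this commit is already fixing spacing in this hunk (`PR9945` to `PR 9945`, which is fine), suggest correcting that line to `* [Low] CVE-2026-4159` as well.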
@@ -140,20 +140,20 @@ A heap buffer out of bounds write case existed in wolfSSL version 5.8.4 and earl
140
140
* Fixes to big-endian bugs found in Curve448 and Blake2S by @LinuxJedi (PR 9778).
141
141
* Fix cert chain size issue by @embhorn (PR 9827).
142
142
* Fix potential memory leak when copying into existing SHA contexts and zero init tmpSha by @night1rider (PR 9829).
143
-
* Add sanity checks in key export by @embhorn (PR9823). Thanks to Muhammad Arya Arjuna (pelioro) for the report.
143
+
* Add sanity checks in key export by @embhorn (PR 9823). Thanks to Muhammad Arya Arjuna (pelioro) for the report.
144
144
* CRL enhancements for revoked entries by @padelsbach (PR 9839).
145
145
* Fix DRBG_internal alloc in wc_RNG_HealthTestLocal by @embhorn (PR 9847).
146
146
* Various CMake fixes and improvements by @Frauschi (PRs 9605, 9725).
147
-
* RISC-V 32 no mul SP C: implement multiplication by @SparkiDevin (PR 9855).
147
+
* RISC-V 32 no mul SP C: implement multiplication by @SparkiDev (PR 9855).
148
148
* ASN: improve handling of ASN.1 parsing/encoding by @SparkiDev (PR 9872).
149
-
* Various fixes to CRL parsing by @miyazakhin (PRs 9628, 9873).
149
+
* Various fixes to CRL parsing by @miyazakh (PRs 9628, 9873).
150
150
* Harden hash comparison in TLS1.2 finished by @Frauschi (PR 9874).
151
151
* Various fixes to TLS sniffer by @mattia-moffa, @embhorn, @julek-wolfssl, @Frauschi (PRs 9571, 9643, 9867, 9901, 9924).
152
152
* Check ivLen in wolfSSL_EVP_CIPHER_CTX_set_iv_length by @philljj (PR 9943). Thanks to Haruto Kimura (Stella) for the report.
153
-
* Validate that the ticket length is at least ID_LEN before use in SetTicket, preventing an undersized buffer from being processed.@kareem-wolfssl (PR 9782).
153
+
* Validate that the ticket length is at least ID_LEN before use in SetTicket, preventing an undersized buffer from being processed by@kareem-wolfssl (PR 9782).
154
154
* Enforce null compression in compression_methods list by @julek-wolfssl (PR 9913).
155
155
* Additional sanity check on number of groups in set groups function by @JacobBarthelmeh (PR 9861).
156
-
* Resolves issues with asynchronous and crypto callback handling, adding test coverage to prevent regressions. by @dgarske (https://github.com/wolfSSL/wolfssl/pull/9784).
156
+
* Resolves issues with asynchronous and crypto callback handling, adding test coverage to prevent regressions by @dgarske (PR 9784).
157
157
* Fix checkPad to reject zero PKCS#7 padding value by @embhorn (PR 9878).
158
158
* Add sanity check on keysize found with ECC point import by @JacobBarthelmeh (PR 9989).
159
159
* Adds a range check to ensure session ticket lifetimes are within the bounds permitted by the TLS specification by @Frauschi (PR 9881).
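Review bot: The replacement line `... preventing an undersized buffer from being processed by@kareem-wolfssl (PR 9782).` still has no space between `by` and `@kareem-wolfssl`, so the handle will not be recognized as a mention and the wording differs from the `by @kareem-wolfssl` used for the same entry in README and README.md. Suggest `processed by @kareem-wolfssl (PR 9782).`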
README
Lines changed: 6 additions & 6 deletions
Original file line number
Diff line number
Diff line change
@@ -127,7 +127,7 @@ wolfSSL 5.8.4 and earlier on RISC-V RV32I architectures lacks a constant-time so
127
127
A protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion. This issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6. Thanks to Hariprasad Kelassery Valsaraj of Temasek Laboratories for the report. Fixed in PR 9734.
128
128
129
129
* [Low] CVE-2026-4159
130
-
1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wc_PKCS7_DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted content. Note that PKCS7 support is disabled by default. Thanks to Haruto Kimura (Stella). Fixed in PR9945.
130
+
1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wc_PKCS7_DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted content. Note that PKCS7 support is disabled by default. Thanks to Haruto Kimura (Stella). Fixed in PR 9945.
131
131
132
132
* [Low] CVE-2026-4395
133
133
A heap buffer out of bounds write case existed in wolfSSL version 5.8.4 and earlier when importing an ECC key while built with KCAPI support. The fix implemented added a check on the raw pubkey length in wc_ecc_import_x963 before copying it to an internal struct. KCAPI support is turned off by default and only enabled with builds using --enable-kcapi. Thanks to Haruto Kimura (Stella) for the report. Fixed in PR 9988.
@@ -218,20 +218,20 @@ A heap buffer out of bounds write case existed in wolfSSL version 5.8.4 and earl
218
218
* Fixes to big-endian bugs found in Curve448 and Blake2S by @LinuxJedi (PR 9778).
219
219
* Fix cert chain size issue by @embhorn (PR 9827).
220
220
* Fix potential memory leak when copying into existing SHA contexts and zero init tmpSha by @night1rider (PR 9829).
221
-
* Add sanity checks in key export by @embhorn (PR9823). Thanks to Muhammad Arya Arjuna (pelioro) for the report.
221
+
* Add sanity checks in key export by @embhorn (PR 9823). Thanks to Muhammad Arya Arjuna (pelioro) for the report.
222
222
* CRL enhancements for revoked entries by @padelsbach (PR 9839).
223
223
* Fix DRBG_internal alloc in wc_RNG_HealthTestLocal by @embhorn (PR 9847).
224
224
* Various CMake fixes and improvements by @Frauschi (PRs 9605, 9725).
225
-
* RISC-V 32 no mul SP C: implement multiplication by @SparkiDev in (PR 9855).
225
+
* RISC-V 32 no mul SP C: implement multiplication by @SparkiDev (PR 9855).
226
226
* ASN: improve handling of ASN.1 parsing/encoding by @SparkiDev (PR 9872).
227
-
* Various fixes to CRL parsing by @miyazakh in (PRs 9628, 9873).
227
+
* Various fixes to CRL parsing by @miyazakh (PRs 9628, 9873).
228
228
* Harden hash comparison in TLS1.2 finished by @Frauschi (PR 9874).
229
229
* Various fixes to TLS sniffer by @mattia-moffa, @embhorn, @julek-wolfssl, @Frauschi (PRs 9571, 9643, 9867, 9901, 9924).
230
230
* Check ivLen in wolfSSL_EVP_CIPHER_CTX_set_iv_length by @philljj (PR 9943). Thanks to Haruto Kimura (Stella) for the report.
231
-
* Validate that the ticket length is at least ID_LEN before use in SetTicket, preventing an undersized buffer from being processed. @kareem-wolfssl (PR 9782).
231
+
* Validate that the ticket length is at least ID_LEN before use in SetTicket, preventing an undersized buffer from being processed by @kareem-wolfssl (PR 9782).
232
232
* Enforce null compression in compression_methods list by @julek-wolfssl (PR 9913).
233
233
* Additional sanity check on number of groups in set groups function by @JacobBarthelmeh (PR 9861).
234
-
* Resolves issues with asynchronous and crypto callback handling, adding test coverage to prevent regressions. by @dgarske (https://github.com/wolfSSL/wolfssl/pull/9784).
234
+
* Resolves issues with asynchronous and crypto callback handling, adding test coverage to prevent regressions by @dgarske (PR 9784).
235
235
* Fix checkPad to reject zero PKCS#7 padding value by @embhorn (PR 9878).
236
236
* Add sanity check on keysize found with ECC point import by @JacobBarthelmeh (PR 9989).
237
237
* Adds a range check to ensure session ticket lifetimes are within the bounds permitted by the TLS specification by @Frauschi (PR 9881).
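Review bot: The removed lines in this hunk (`@SparkiDev in (PR 9855)`, `@miyazakh in (PRs 9628, 9873)`) differ from the removed lines for the same entries in ChangeLog.md (`@SparkiDevin (PR 9855)`, `@miyazakhin (PRs 9628, 9873)`), so the three copies of the release notes had already drifted before this commit and are being hand-corrected one by one. Suggest treating ChangeLog.md as the single source and generating the README and README.md sections from it, or at least adding a check that the three copies match, so later corrections do not have to be applied three times.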
README.md
Lines changed: 6 additions & 6 deletions
Original file line number
Diff line number
Diff line change
@@ -154,7 +154,7 @@ wolfSSL 5.8.4 and earlier on RISC-V RV32I architectures lacks a constant-time so
154
154
A protection mechanism failure in wolfCrypt post-quantum implementations (ML-KEM and ML-DSA) in wolfSSL on ARM Cortex-M microcontrollers allows a physical attacker to compromise key material and/or cryptographic outcomes via induced transient faults that corrupt or redirect seed/pointer values during Keccak-based expansion. This issue affects wolfSSL (wolfCrypt): commit hash d86575c766e6e67ef93545fa69c04d6eb49400c6. Thanks to Hariprasad Kelassery Valsaraj of Temasek Laboratories for the report. Fixed in PR 9734.
155
155
156
156
* [Low] CVE-2026-4159
157
-
1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wc_PKCS7_DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted content. Note that PKCS7 support is disabled by default. Thanks to Haruto Kimura (Stella). Fixed in PR9945.
157
+
1-byte OOB heap read in wc_PKCS7_DecodeEnvelopedData via zero-length encrypted content. A vulnerability existed in wolfSSL 5.8.4 and earlier, where a 1-byte out-of-bounds heap read in wc_PKCS7_DecodeEnvelopedData could be triggered by a crafted CMS EnvelopedData message with zero-length encrypted content. Note that PKCS7 support is disabled by default. Thanks to Haruto Kimura (Stella). Fixed in PR 9945.
158
158
159
159
* [Low] CVE-2026-4395
160
160
A heap buffer out of bounds write case existed in wolfSSL version 5.8.4 and earlier when importing an ECC key while built with KCAPI support. The fix implemented added a check on the raw pubkey length in wc_ecc_import_x963 before copying it to an internal struct. KCAPI support is turned off by default and only enabled with builds using --enable-kcapi. Thanks to Haruto Kimura (Stella) for the report. Fixed in PR 9988.
@@ -245,20 +245,20 @@ A heap buffer out of bounds write case existed in wolfSSL version 5.8.4 and earl
245
245
* Fixes to big-endian bugs found in Curve448 and Blake2S by @LinuxJedi (PR 9778).
246
246
* Fix cert chain size issue by @embhorn (PR 9827).
247
247
* Fix potential memory leak when copying into existing SHA contexts and zero init tmpSha by @night1rider (PR 9829).
248
-
* Add sanity checks in key export by @embhorn (PR9823). Thanks to Muhammad Arya Arjuna (pelioro) for the report.
248
+
* Add sanity checks in key export by @embhorn (PR 9823). Thanks to Muhammad Arya Arjuna (pelioro) for the report.
249
249
* CRL enhancements for revoked entries by @padelsbach (PR 9839).
250
250
* Fix DRBG_internal alloc in wc_RNG_HealthTestLocal by @embhorn (PR 9847).
251
251
* Various CMake fixes and improvements by @Frauschi (PRs 9605, 9725).
252
-
* RISC-V 32 no mul SP C: implement multiplication by @SparkiDev in (PR 9855).
252
+
* RISC-V 32 no mul SP C: implement multiplication by @SparkiDev (PR 9855).
253
253
* ASN: improve handling of ASN.1 parsing/encoding by @SparkiDev (PR 9872).
254
-
* Various fixes to CRL parsing by @miyazakh in (PRs 9628, 9873).
254
+
* Various fixes to CRL parsing by @miyazakh (PRs 9628, 9873).
255
255
* Harden hash comparison in TLS1.2 finished by @Frauschi (PR 9874).
256
256
* Various fixes to TLS sniffer by @mattia-moffa, @embhorn, @julek-wolfssl, @Frauschi (PRs 9571, 9643, 9867, 9901, 9924).
257
257
* Check ivLen in wolfSSL_EVP_CIPHER_CTX_set_iv_length by @philljj (PR 9943). Thanks to Haruto Kimura (Stella) for the report.
258
-
* Validate that the ticket length is at least ID_LEN before use in SetTicket, preventing an undersized buffer from being processed. @kareem-wolfssl (PR 9782).
258
+
* Validate that the ticket length is at least ID_LEN before use in SetTicket, preventing an undersized buffer from being processed by @kareem-wolfssl (PR 9782).
259
259
* Enforce null compression in compression_methods list by @julek-wolfssl (PR 9913).
260
260
* Additional sanity check on number of groups in set groups function by @JacobBarthelmeh (PR 9861).
261
-
* Resolves issues with asynchronous and crypto callback handling, adding test coverage to prevent regressions. by @dgarske (https://github.com/wolfSSL/wolfssl/pull/9784).
261
+
* Resolves issues with asynchronous and crypto callback handling, adding test coverage to prevent regressions by @dgarske (PR 9784).
262
262
* Fix checkPad to reject zero PKCS#7 padding value by @embhorn (PR 9878).
263
263
* Add sanity check on keysize found with ECC point import by @JacobBarthelmeh (PR 9989).
264
264
* Adds a range check to ensure session ticket lifetimes are within the bounds permitted by the TLS specification by @Frauschi (PR 9881).
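Review bot: Minor style point on the tail of this hunk: `Resolves issues with asynchronous and crypto callback handling ...` and `Adds a range check ...` are third-person while most other entries in the list are imperative (`Fix ...`, `Add ...`, `Validate ...`, `Enforce ...`). Since the `Resolves` line is already being edited here, suggest `Resolve issues with asynchronous and crypto callback handling, adding test coverage to prevent regressions by @dgarske (PR 9784).` and `Add a range check ...` for consistency.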