Lucene search
K

5 matches found

EUVD
EUVD
added 2026/03/19 9:30 p.m.7 views

EUVD-2026-13172

In wolfSSL 5.8.4, constant-time masking logic in sp256getentry2569 is optimized into conditional branches bnez by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret...

2.1CVSS5.8AI score0.00128EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/19 7:46 p.m.4 views

CVE-2026-3580 Compiler-induced timing leak in sp_256_get_entry_256_9 on RISC-V

In wolfSSL 5.8.4, constant-time masking logic in sp256getentry2569 is optimized into conditional branches bnez by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret...

2.1CVSS5.8AI score0.00128EPSS
Exploits0References1
CVE
CVE
added 2026/03/19 7:46 p.m.20 views

CVE-2026-3580

In wolfSSL 5.8.4, GCC optimizes constant-time masking logic in sp_256_get_entry_256_9 into conditional branches (bnez) when targeting RISC-V RV32I with -O3, breaking the expected side-channel resistance of ECC scalar multiplication. This may enable a local attacker to recover secret keys via timi...

4.7CVSS5.8AI score0.00128EPSS
Exploits0References1Affected Software1
Debian CVE
Debian CVE
added 2026/03/19 7:46 p.m.3 views

CVE-2026-3580

In wolfSSL 5.8.4, constant-time masking logic in sp256getentry2569 is optimized into conditional branches bnez by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret...

4.7CVSS5.2AI score0.00128EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.4 views

PT-2026-26340

Name of the Vulnerable Software and Affected Versions wolfSSL version 5.8.4 Description The software contains a flaw in the constant-time masking logic within the sp 256 get entry 256 9 function. When compiled with GCC targeting RISC-V RV32I using the -O3 optimization flag, the logic is altered...

4.7CVSS5.1AI score0.00128EPSS
Exploits0References10
Rows per page
Query Builder