5 matches found
EUVD-2026-13172
In wolfSSL 5.8.4, constant-time masking logic in sp256getentry2569 is optimized into conditional branches bnez by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret...
CVE-2026-3580 Compiler-induced timing leak in sp_256_get_entry_256_9 on RISC-V
In wolfSSL 5.8.4, constant-time masking logic in sp256getentry2569 is optimized into conditional branches bnez by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret...
CVE-2026-3580
In wolfSSL 5.8.4, GCC optimizes constant-time masking logic in sp_256_get_entry_256_9 into conditional branches (bnez) when targeting RISC-V RV32I with -O3, breaking the expected side-channel resistance of ECC scalar multiplication. This may enable a local attacker to recover secret keys via timi...
CVE-2026-3580
In wolfSSL 5.8.4, constant-time masking logic in sp256getentry2569 is optimized into conditional branches bnez by GCC when targeting RISC-V RV32I with -O3. This transformation breaks the side-channel resistance of ECC scalar multiplication, potentially allowing a local attacker to recover secret...
PT-2026-26340
Name of the Vulnerable Software and Affected Versions wolfSSL version 5.8.4 Description The software contains a flaw in the constant-time masking logic within the sp 256 get entry 256 9 function. When compiled with GCC targeting RISC-V RV32I using the -O3 optimization flag, the logic is altered...