3 matches found
JLSEC-2026-726 wolfSSL's ECCSI signature verifier `wc_VerifyEccsiHash` decodes the `r` and `s` scalars from the...
wolfSSL's ECCSI signature verifier wcVerifyEccsiHash decodes the r and s scalars from the signature blob via mpreadunsignedbin with no check that they lie in 1, q-1. A crafted forged signature could verify against any message for any identity, using only publicly-known constants...
Linux Distros Unpatched Vulnerability : CVE-2026-5466
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wolfSSL's ECCSI signature verifier wcVerifyEccsiHash decodes the r and s scalars from the signature blob via mpreadunsignedbin with no check that they lie in 1,...
Volez
Ability to modify a signed OTA recovery package due to an error in the signature verifier...