Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2025-13912

Опубликовано: 11 дек. 2025
Источник: debian
EPSS Низкий

Описание

Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
wolfsslfixed5.8.4-1package
wolfsslno-dsatrixiepackage
wolfsslno-dsabookwormpackage
wolfsslpostponedbullseyepackage

Примечания

  • https://github.com/wolfSSL/wolfssl/pull/9148

  • Fixed by: https://github.com/wolfSSL/wolfssl/commit/234ba7780ad3b7c8c1509973accdc43ed6c328b3 (v5.8.4-stable)

EPSS

Процентиль: 4%
0.00019
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2025-13912

ubuntu
около 2 месяцев назад

Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks.

nvd логотип

CVE-2025-13912

nvd
около 2 месяцев назад

Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks.

msrc логотип

CVE-2025-13912

msrc
около 1 месяца назад

Potential non-constant time compiled code with Clang LLVM

github логотип

GHSA-7582-g6xx-939j

github
около 2 месяцев назад

Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks.

EPSS

Процентиль: 4%
0.00019
Низкий