You are using an out of date browser. It may not display this or other websites correctly. You should upgrade or use an alternative browser.
wolfssl
About this tag
The wolfSSL tag on WindowsForum.com covers security vulnerabilities and patches for the wolfSSL lightweight TLS/SSL library. Recent discussions focus on high-severity CVEs including certificate validation bypass (CVE-2025-7395), fork-safety issues in RAND_bytes (CVE-2025-7394), TLS 1.3 padding bugs causing DoS and memory exposure (CVE-2024-0901), timing side channels (CVE-2025-13912), signature downgrade (CVE-2025-11934), duplicate KeyShare DoS (CVE-2025-11933 and CVE-2025-11936), and XChaCha20-Poly1305 decrypt underflow (CVE-2025-11931). These threads provide technical analysis, impact assessments, and upgrade guidance for developers and IT professionals managing wolfSSL deployments.
The industry disclosure for CVE-2025-7395 describes a dangerous certificate-validation bypass in wolfSSL that can allow a malicious or misconfigured server to present a certificate issued by a trusted Certificate Authority and have that certificate accepted for any hostname when wolfSSL is built...
A subtle bug in wolfSSL’s OpenSSL compatibility layer has quietly exposed a classic fork‑safety failure: under certain conditions, calls to RAND_bytes() in a child process could produce predictable values because the pseudo‑random generator state was inherited unchanged across fork(). The issue...
A malformed TLS 1.3 packet can crash a wolfSSL server or force it to read memory outside its bounds — a vulnerability tracked as CVE-2024-0901 that was disclosed in early 2024 and fixed by wolfSSL in the 5.7.x release series. This issue is not a local misconfiguration or an edge-case...
CVE-2025-13912 is a timing‑side‑channel concern in wolfSSL where compiler optimizations (notably from Clang/LLVM toolchains) can transform carefully written constant‑time C code into binaries whose runtime varies with secret data — a behavior that undermines cryptographic assumptions and was...
wolfSSL disclosed a protocol‑validation flaw tracked as CVE‑2025‑11934 that can let a TLS 1.3 handshake inadvertently downgrade the signature algorithm used for CertificateVerify, enabling a server‑side negotiation to settle on a weaker ECDSA curve than the client originally preferred — a...
wolfSSL has published a patch and coordinated disclosures after researchers reported a denial‑of‑service weakness in its TLS 1.3 ClientHello parsing: specially crafted ClientHello messages that include duplicate key_share (CKS) entries can force excessive resource consumption in wolfSSL 5.8.2...
wolfSSL has patched a denial‑of‑service weakness in its TLS 1.3 handshake code after researchers discovered that a specially crafted ClientHello containing duplicate KeyShareEntry values for the same group can force excessive CPU and memory use during ClientHello processing, leading to...
A recently disclosed vulnerability in wolfSSL’s XChaCha20‑Poly1305 implementation—tracked as CVE‑2025‑11931—can trigger an integer underflow that leads to an out‑of‑bounds memory access when an application calls the library’s direct decrypt API. wolfSSL published a rapid fix and incorporated the...