CVE-2025-12888

Low CVSS: 1.0

Vulnerability in X25519 constant-time cryptographic implementations due to timing side channels introduced by compiler optimizations and CPU architecture limitations, specifically with the Xtensa-based ESP32 chips. If targeting Xtensa it is recommended to use the low memory implementations of X25519, which is now turned on as the default for Xtensa.

Vendor

Wolfssl

Product

Wolfssl

CWE

CWE-203

Yayın Tarihi

2025-11-21 23:15:44

Güncelleme

2025-12-04 16:07:14

Source Identifier

facts@wolfssl.com

KEV Date Added

Kategoriler

CWE-203 Wolfssl LOW Wolfssl 2025

Referanslar

https://https://github.com/wolfSSL/wolfssl/pull/9275

Benzer Kayıtlar

Medium

CVE-2026-3849

Stack Buffer Overflow in wc_HpkeLabeledExtract via Oversized ECH Config. A vulnerability existed in wolfSSL 5.8.4 ECH (E…

Low

CVE-2026-4395

Heap-based buffer overflow in the KCAPI ECC code path of wc_ecc_import_x963_ex() in wolfSSL wolfcrypt allows a remote at…

Low

CVE-2026-3229

An integer overflow vulnerability existed in the static function wolfssl_add_to_chain, that caused heap corruption when…

Low

CVE-2026-3230

Missing required cryptographic step in the TLS 1.3 client HelloRetryRequest handshake logic in wolfSSL could lead to a c…

High

CVE-2026-3547

Out-of-bounds read in ALPN parsing due to incomplete validation. wolfSSL 5.8.4 and earlier contained an out-of-bounds re…

High

CVE-2026-3549

Heap Overflow in TLS 1.3 ECH parsing. An integer underflow existed in ECH extension parsing logic when calculating a buf…