wolfSSL (formerly CyaSSL) prior to 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote malicious users to obtain private RSA keys by capturing TLS handshakes, aka a Lenstra attack.
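The standard countermeasure to an RSA-CRT fault is to verify the signature with the public exponent before it leaves the signer. The following is an added example, not wolfSSL code and not the fix shipped in 3.6.8; the toy key, the function names and the `inject_fault` switch are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>

/* Toy RSA key, constructed for this example (real keys are 2048+ bits). */
static const uint64_t P = 61, Q = 53, N = 3233, E = 17, D = 2753;

static uint64_t modpow(uint64_t b, uint64_t e, uint64_t m) {
    uint64_t r = 1;
    for (b %= m; e; e >>= 1, b = b * b % m)
        if (e & 1) r = r * b % m;
    return r;
}

/* RSA-CRT private operation with Garner recombination.
 * inject_fault (hypothetical) simulates a one-bit glitch in the mod-p half. */
static uint64_t rsa_crt(uint64_t m, int inject_fault) {
    uint64_t dp = D % (P - 1), dq = D % (Q - 1);
    uint64_t qinv = modpow(Q, P - 2, P);      /* q^-1 mod p (Fermat) */
    uint64_t s1 = modpow(m, dp, P);           /* half computed mod p */
    uint64_t s2 = modpow(m, dq, Q);           /* half computed mod q */
    if (inject_fault) s1 ^= 1;                /* simulated computation fault */
    uint64_t h = qinv * ((s1 + P - s2 % P) % P) % P;
    return s2 + h * Q;
}

/* Sign, then re-check with the public key before releasing anything.
 * Returns 0 and writes *sig on success; returns -1 and leaves *sig
 * untouched when the CRT result does not verify. */
int rsa_sign_checked(uint64_t m, int inject_fault, uint64_t *sig) {
    uint64_t s = rsa_crt(m, inject_fault);
    if (modpow(s, E, N) != m % N)
        return -1;                            /* faulty result is withheld */
    *sig = s;
    return 0;
}

int main(void) {
    uint64_t sig = 0;
    printf("clean sign:   rc=%d\n", rsa_sign_checked(65, 0, &sig));
    printf("faulted sign: rc=%d\n", rsa_sign_checked(65, 1, &sig));
    return 0;
}
```

The extra public-key operation is cheap compared with the private one because `E` is small, so the check adds little cost per handshake.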
Vulnerable Product |
---|
wolfssl wolfssl |
opensuse leap 42.1 |
opensuse opensuse 13.1 |
opensuse opensuse 13.2 |
mariadb mariadb |