CVE-2019-14317 — Insufficient Entropy in Wolfssl

CWE-331 — Insufficient Entropy CWE-311 — Missing Encryption of Sensitive Data CWE-364 — Signal Handler Race Condition6 documents6 sources

Severity

5.3MEDIUMNVD

EPSS

0.4%

top 39.77%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wolfssl Debian Wolfssl

Timeline

PublishedDec 11

Latest updateMay 24

Description

wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate biased DSA nonces. This allows a remote attacker to compute the long term private key from several hundred DSA signatures via a lattice attack. The issue occurs because dsa.c fixes two bits of the generated nonces.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4

Affected Packages3 packages

▶debiandebian/wolfssl< wolfssl 4.2.0+dfsg-1 (bookworm)

▶NVDwolfssl/wolfssl< 4.2.0

▶Debianwolfssl/wolfssl< 4.2.0+dfsg-1+3

Patches

Patch: www.wolfssl.com ↗Patch: www.wolfssl.com ↗

🔴Vulnerability Details

GHSA

GHSA-3w65-mh9h-3g82: wolfSSL and wolfCrypt 4↗2022-05-24

▶

OSV

CVE-2019-14317: wolfSSL and wolfCrypt 4↗2019-12-11

▶

📋Vendor Advisories

Red Hat

wildfly: JBoss EAP-CD regression of CVE-2019-3805↗2020-07-07

▶

Debian

CVE-2019-14317: wolfssl - wolfSSL and wolfCrypt 4.1.0 and earlier (formerly known as CyaSSL) generate bias...↗2019

▶

💬Community

Bugzilla

CVE-2020-14317 wildfly: JBoss EAP-CD regression of CVE-2019-3805↗2020-07-07

▶