CVE-2025-13912 — Observable Discrepancy in Wolfssl

CWE-203 — Observable Discrepancy6 documents6 sources

Severity

1.0LOWNVD

EPSS

0.0%

top 93.13%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Wolfssl Debian Wolfssl Msrc Azl3 Mariadb 10.11.11-1 ON Azure Linux 3.0 +2 more

Timeline

PublishedDec 11

Description

Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks.

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:P/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N

Affected Packages6 packages

▶debiandebian/wolfssl< wolfssl 5.8.4-1 (forky)

▶CVEListV5wolfssl/wolfssl< 5.8.4

▶Debianwolfssl/wolfssl< 5.8.4-1

▶msrcmsrc/cbl2_mariadb_10.6.21-1_on_cbl_mariner_2.0

▶msrcmsrc/cbl2_mariadb_10.6.24-1_on_cbl_mariner_2.0

🔴Vulnerability Details

GHSA

GHSA-7582-g6xx-939j: Multiple constant-time implementations in wolfSSL before version 5↗2025-12-11

▶

OSV

CVE-2025-13912: Multiple constant-time implementations in wolfSSL before version 5↗2025-12-11

▶

📋Vendor Advisories

Microsoft

Potential non-constant time compiled code with Clang LLVM↗2025-12-09

▶

Debian

CVE-2025-13912: wolfssl - Multiple constant-time implementations in wolfSSL before version 5.8.4 may be tr...↗2025

▶

🕵️Threat Intelligence

Wiz

CVE-2025-13912 Impact, Exploitability, and Mitigation Steps | Wiz↗

▶