CVE-2025-7394Sensitive Information Exposure in Wolfssl

CWE-200Sensitive Information ExposureCWE-338Use of Cryptographically Weak Pseudo-Random Number Generator5 documents5 sources
Severity
7.0HIGHNVD
EPSS
0.1%
top 76.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
WolfsslDebian WolfsslMsrc Azl3 Mariadb 10.11.11-1 ON Azure Linux 3.0+1 more
Timeline
PublishedJul 18
Latest updateJul 19

Description

In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for predictable values returned from RAND_bytes() after fork() is called. This can lead to weak or predictable random numbers generated in applications that are both using RAND_bytes() and doing fork() operations. This only affects applications explicitly calling RAND_bytes() after fork() and does not affect any internal TLS operations. Although RAND_bytes() docum

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N

Affected Packages5 packages

debiandebian/wolfssl< wolfssl 5.5.4-2+deb12u2 (bookworm)
Debianwolfssl/wolfssl< 5.5.4-2+deb12u2+2
NVDwolfssl/wolfssl3.15.05.8.0

🔴Vulnerability Details

2
GHSA
GHSA-jgh6-fqf6-cpj8: In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for predictable2025-07-19
OSV
CVE-2025-7394: In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for predictable2025-07-18

📋Vendor Advisories

2
Microsoft
In the OpenSSL compatibility layer implementation, the function RAND_poll() was not behaving as expected and leading to the potential for predictable values returned from RAND_bytes() after fork() is 2025-07-08
Debian
CVE-2025-7394: wolfssl - In the OpenSSL compatibility layer implementation, the function RAND_poll() was ...2025
CVE-2025-7394 — Sensitive Information Exposure | cvebase