CNNVD-202508-267 Information

CNNVD ID

CNNVD-202508-267

Related CVE

CVE-2025-7844

• CNNVD Published: 2025-08-04

Description (Chinese)

wolfTPM是wolfSSL开源的一个高度可移植的TPM库。 wolfTPM存在安全漏洞，该漏洞源于导出大于2048位的RSA密钥可能导致栈缓冲区溢出。

Description (English)

WolfTPM is a highly portable TPM library that is an open source of WolfSSL. There is a security loophole in the wolfTPM, which stems from the risk that the export of an RSA key of > 2048 will result in the spilling out of the fence.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

wolfSSL

Published

2025-08-04

Last Modified

2026-02-24

References

https://github.com/wolfSSL/wolfTPM/pull/427

Patch

https://github.com/wolfSSL/wolfTPM/releases