CVE-2025-7844 Information

Aug 05, 2025 cve

Description

Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default MAX_RSA_KEY_BITS=2048 is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than 2048 bits and your application calls wolfTPM2_RsaKey_TpmToWolf on that key then a stack buffer could be overrun. If the MAX_RSA_KEY_BITS build-time macro is set correctly (RSA bits match what TPM hardware is capable of) for the hardware target then a stack overrun is not possible.

Reference

https://github.com/wolfSSL/wolfTPM/pull/427

CNNVD-202508-267 (Published: 2025-08-04)

Share on:

CVE-2025-7844 Information

Description

Reference

Related CNNVD