CVE-2019-19963

Name of the Vulnerable Software and Affected Versions wolfSSL versions prior to 4.3.0

Description An issue was discovered in a non-default configuration where DSA is enabled, allowing a side-channel attack against the nonce due to the use of the BEEA algorithm during modular inversion of the nonce in DSA signing.

Recommendations For versions prior to 4.3.0, update to version 4.3.0 or later to resolve the issue. As a temporary workaround, consider disabling DSA in the configuration to minimize the risk of exploitation.