CVE-2021-24116

Name of the Vulnerable Software and Affected Versions wolfSSL versions prior to 4.6.0

Description The issue is related to a side-channel vulnerability in base64 PEM file decoding, which allows attackers to obtain information about secret RSA keys via a controlled-channel and side-channel attack. This can be particularly problematic in isolated environments that can be single stepped, such as Intel SGX. The vulnerability is also associated with the use of base64 decoding functionality with non-constant execution time, potentially allowing a remote attacker to access confidential data.

Recommendations For wolfSSL versions prior to 4.6.0, update to version 4.6.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the base64 decoding functionality to minimize the risk of exploitation.