CVE-2023-6935

Name of the Vulnerable Software and Affected Versions wolfSSL versions prior to 3.6.6

Description The issue is related to the wolfSSL SP Math All RSA implementation being vulnerable to the Marvin Attack, a new variation of a timing Bleichenbacher style attack. This vulnerability is specific to static RSA cipher suites, which are not recommended and have been disabled by default since wolfSSL 3.6.6. The vulnerability allows an attacker to decrypt ciphertexts and forge signatures after probing with a large number of test observations. However, the server’s private key is not exposed.

Recommendations For versions prior to 3.6.6, consider disabling the static RSA cipher suites by removing the WOLFSSL STATIC RSA define or updating to a version where this is disabled by default, such as wolfSSL 3.6.6 or later. As a temporary workaround, consider restricting the use of static RSA cipher suites until a patch is available.