CVE-2025-7394

Name of the Vulnerable Software and Affected Versions wolfSSL (affected versions not specified)

Description The OpenSSL compatibility layer implementation had an issue with the RAND poll() function, potentially leading to predictable values returned from RAND bytes() after a fork() call. This could result in weak or predictable random numbers in applications using RAND bytes() and performing fork() operations. The issue does not affect internal TLS operations. A code change was implemented to reseed the Hash-DRBG after detecting a new process, similar to OpenSSL’s behavior.

Recommendations Update to the latest version of wolfSSL.