CVE-2016-7438

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2016-7438
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7438.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2016-7438
Downstream
Published
2016-12-13T16:59:07.563Z
Modified
2026-03-14T09:23:31.742544Z
Severity
  • 5.5 (Medium) CVSS_V3 - CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

The C software implementation of ECC in wolfSSL (formerly CyaSSL) before 3.9.10 makes it easier for local users to discover RSA keys by leveraging cache-bank hit differences.

References

Affected packages

Git / github.com/wolfssl/wolfssl

Affected ranges

Type
GIT
Repo
https://github.com/wolfssl/wolfssl
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
67d607324a73b9eb85d10533e15724c8bbe5934e
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "last_affected": "3.9.8"
        }
    ]
}

Affected versions

v0.*
v0.5
v1.*
v1.8.8.0
v1.9.0
v2.*
v2.0.2
v2.0.3
v2.0.6
v2.0.8
v2.0rc1
v2.0rc2
v2.0rc2b
v2.0rc3
v2.1.1
v2.1.2
v2.1.4
v2.2.0
v2.2.1
v2.2.2
v2.3.0
v2.4.0
v2.4.2
v2.4.6
v2.4.7
v2.5.0
v2.5.2
v2.5.2b
v2.6.0
v2.6.2
v2.7.0
v2.7.2
v2.8.0
v2.8.2
v2.8.3
v2.8.4
v2.8.5
v2.8.5a
v2.8.6
v2.9.0
v2.9.1
v2.9.2
v2.9.4
v3.*
v3.0.0
v3.0.2
v3.1.0
v3.2.0
v3.2.4
v3.2.6
v3.3.0
v3.3.3
v3.4.0
v3.4.2
v3.4.6
v3.4.8
v3.6.0
v3.6.0b
v3.6.2
v3.6.6
v3.6.8
v3.6.9
v3.6.9b
v3.6.9c
v3.6.9d
v3.69.d
v3.7.0
v3.7.1
v3.7.3
v3.8.0
v3.9.0
v3.9.1
v3.9.6
v3.9.6w
v3.9.8

Database specific

source 
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7438.json"