UBUNTU-CVE-2026-10512

Source
https://ubuntu.com/security/CVE-2026-10512
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-10512.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2026-10512
Upstream
  • CVE-2026-10512
Published
2026-06-25T20:17:00Z
Modified
2026-06-29T23:15:34.320622274Z
Severity
  • 2.3 (Low) CVSS_V4 - CVSS:4.0/AV:N/AC:H/AT:P/PR:L/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N CVSS Calculator
  • 7.5 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
  • Ubuntu - medium
Summary
[none]
Details

The X25519 x86_64 assembly implementation fails to clear the most significant bit during the final modular reduction, so the computed result may not be fully reduced modulo the field prime 2^255 - 19. This can leave the field element in a non-canonical form, producing an incorrect result from the scalar multiplication and potentially a wrong shared secret. The final carry-propagation chains in the x64 and AVX2 reduction routines could overflow into the top bit, and the high limb was not masked afterward, so the 255-bit field element was left non-canonical.

References

Affected packages

Ubuntu:16.04:LTS
wolfssl

Package

Name
wolfssl
Purl
pkg:deb/ubuntu/wolfssl?arch=source&distro=xenial

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.4.8+dfsg-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libcyassl5",
            "binary_version": "3.4.8+dfsg-1"
        },
        {
            "binary_name": "libwolfssl0",
            "binary_version": "3.4.8+dfsg-1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-10512.json"
Ubuntu:18.04:LTS
wolfssl

Package

Name
wolfssl
Purl
pkg:deb/ubuntu/wolfssl?arch=source&distro=bionic

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

3.*
3.10.2+dfsg-2
3.12.0+dfsg-1
3.12.2+dfsg-1
3.13.0+dfsg-1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libwolfssl15",
            "binary_version": "3.13.0+dfsg-1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-10512.json"
Ubuntu:20.04:LTS
wolfssl

Package

Name
wolfssl
Purl
pkg:deb/ubuntu/wolfssl?arch=source&distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.1.0+dfsg-2
4.2.0+dfsg-1
4.2.0+dfsg-2
4.2.0+dfsg-3
4.3.0+dfsg-2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libwolfssl24",
            "binary_version": "4.3.0+dfsg-2"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-10512.json"
Ubuntu:22.04:LTS
wolfssl

Package

Name
wolfssl
Purl
pkg:deb/ubuntu/wolfssl?arch=source&distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

4.*
4.6.0-3
5.*
5.0.0-1
5.1.1-1
5.2.0-1
5.2.0-2

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libwolfssl32",
            "binary_version": "5.2.0-2"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-10512.json"
Ubuntu:24.04:LTS
wolfssl

Package

Name
wolfssl
Purl
pkg:deb/ubuntu/wolfssl?arch=source&distro=noble

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*
5.5.4-2
5.5.4-2.1
5.6.4-2
5.6.6-1.2
5.6.6-1.3
5.6.6-1.3build1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libwolfssl42t64",
            "binary_version": "5.6.6-1.3build1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-10512.json"
Ubuntu:25.10
wolfssl

Package

Name
wolfssl
Purl
pkg:deb/ubuntu/wolfssl?arch=source&distro=questing

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*
5.7.2-0.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libwolfssl42t64",
            "binary_version": "5.7.2-0.1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-10512.json"
Ubuntu:26.04:LTS
wolfssl

Package

Name
wolfssl
Purl
pkg:deb/ubuntu/wolfssl?arch=source&distro=resolute

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected

Affected versions

5.*
5.7.2-0.1
5.8.2-1.2
5.8.4-1
5.9.1-0.1

Ecosystem specific

{
    "binaries": [
        {
            "binary_name": "libwolfssl44",
            "binary_version": "5.9.1-0.1"
        }
    ]
}

Database specific

source
"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2026/UBUNTU-CVE-2026-10512.json"