216.73.217.50

CVE-2025-7844

· Published 04/08/2025 22:15 · Modified 05/08/2025 14:34

Labels: CVE-2025-7844 2025-08-04CVE-2025-7844CWE-121[email protected]

Essential information

Published
04/08/2025 22:15
Modified
05/08/2025 14:34
Author
Creator
CVSS
1.0 LOW (v3) 1.0 LOW (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

Exporting a TPM based RSA key larger than 2048 bits from the TPM could overrun a stack buffer if the default `MAX_RSA_KEY_BITS=2048` is used. If your TPM 2.0 module supports RSA key sizes larger than 2048 bit and your applications supports creating or importing an RSA private or public key larger than 2048 bits and your application calls `wolfTPM2_RsaKey_TpmToWolf` on that key, then a stack buffer could be overrun. If the `MAX_RSA_KEY_BITS` build-time macro is set correctly (RSA bits match what TPM hardware is capable of) for the hardware target, then a stack overrun is not possible.

NVD status

Status
Awaiting Analysis — CVE has been recently published to the CVE List and has been received by the NVD.
Source
[email protected]
NVD
View on NVD

Affected products (CPE)

ProductCPE
wolfssl / wolfssl cpe:2.3:a:wolfssl:wolfssl:*:*:*:*:*:*:*:*

References