CVE-2026-3579 | THREATINT

Description

wolfSSL 5.8.4 on RISC-V RV32I architectures lacks a constant-time software implementation for 64-bit multiplication. The compiler-inserted __muldi3 subroutine executes in variable time based on operand values. This affects multiple SP math functions (sp_256_mul_9, sp_256_sqr_9, etc.), leading to a timing side-channel that may expose sensitive cryptographic data.

PUBLISHED Reserved 2026-03-05 | Published 2026-03-19 | Updated 2026-03-24 | Assigner wolfSSL

LOW: 2.1CVSS:4.0/AV:L/AC:H/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:L/SI:N/SA:N

Problem types

CWE-203 Observable Discrepancy

Product status

Default status

unaffected

Any version before 5.9.0

affected

Credits

Wind Wong finder

References

github.com/wolfSSL/wolfssl/pull/9855

cve.org (CVE-2026-3579)

nvd.nist.gov (CVE-2026-3579)

Download JSON