CVE-2025-13912

Vulnerability Description

Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrepancies and lead to information disclosure through timing side-channel attacks.

Related Weaknesses (CWE)

CWE-203

References

https://github.com/wolfSSL/wolfssl/pull/9148

FAQ

What is CVE-2025-13912?

CVE-2025-13912 is a documented vulnerability. Multiple constant-time implementations in wolfSSL before version 5.8.4 may be transformed into non-constant-time binary by LLVM optimizations, which can potentially result in observable timing discrep...

How severe is CVE-2025-13912?

CVSS scoring is not yet available for CVE-2025-13912. Check NVD for updates.

Is there a patch for CVE-2025-13912?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.