## Summary

A critical vulnerability in wolfSSL allows ECDSA signature verification to accept digests shorter than the signature algorithm's hash would produce when EdDSA or ML-DSA is also enabled. Missing checks of the hash/digest size against the signature algorithm OID permit undersized digests during ECDSA certificate verification, weakening authentication security when the CA public key is known.

## Technical Details

The flaw exists in wolfSSL's sign [truncated]
CVE-2017-6076 affects wolfSSL versions before 3.10.2. According to the published advisory text, the fp_mul_comba function makes it easier for a malicious user able to observe the cache on the same machine (a cache-timing side channel) to extract RSA key information. The issue was published on 2017-02-24, and later NVD metadata confirms the fixed-version boundary at 3.10.2.