{"id":"CVE-2015-7744","details":"wolfSSL (formerly CyaSSL) before 3.6.8 does not properly handle faults associated with the Chinese Remainder Theorem (CRT) process when allowing ephemeral key exchange without low memory optimizations on a server, which makes it easier for remote attackers to obtain private RSA keys by capturing TLS handshakes, aka a Lenstra attack.","modified":"2026-04-10T03:46:28.994549Z","published":"2016-01-22T15:59:04Z","related":["SUSE-RU-2023:3956-1","SUSE-RU-2023:4991-1","SUSE-SU-2016:0348-1","openSUSE-SU-2024:10200-1"],"references":[{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html"},{"type":"ADVISORY","url":"http://wolfssl.com/wolfSSL/Docs-wolfssl-changelog.html"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1034708"},{"type":"ADVISORY","url":"https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf"},{"type":"ADVISORY","url":"https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/"},{"type":"ADVISORY","url":"https://wolfssl.com/wolfSSL/Blog/Entries/2015/9/17_Two_Vulnerabilities_Recently_Found%2C_An_Attack_on_RSA_using_CRT_and_DoS_Vulnerability_With_DTLS.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html"},{"type":"ARTICLE","url":"http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html"},{"type":"EVIDENCE","url":"https://people.redhat.com/~fweimer/rsa-crt-leaks.pdf"},{"type":"EVIDENCE","url":"https://securityblog.redhat.com/2015/09/02/factoring-rsa-keys-with-tls-perfect-forward-secrecy/"},{"type":"WEB","url":"http://www.securitytracker.com/id/1034708"}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}