Stack Buffer Overrun in RSA Key Export for TPM 2.0 Module by wolfSSL

CVE-2025-7844

What is CVE-2025-7844?

CVE-2025-7844 is a vulnerability identified in the RSA key export functionality of the TPM 2.0 module implemented by wolfSSL, a company known for its lightweight SSL/TLS libraries and cryptographic solutions. This particular vulnerability stems from a stack buffer overrun that occurs when exporting RSA keys larger than 2048 bits from the Trusted Platform Module (TPM). If an application requests the export of such a key while the MAX_RSA_KEY_BITS setting is defaulted to 2048, it can result in a stack overflow condition. This situation poses a significant risk for organizations that utilize systems requiring robust cryptographic operations, as it may lead to various unexpected behaviors, including system crashes or, more critically, arbitrary code execution.

Potential impact of CVE-2025-7844

1. System Compromise: Exploiting this vulnerability could allow an attacker to execute arbitrary code on the affected system, compromising its integrity and potentially allowing unauthorized access to sensitive data or operations.

2. Data Breach: With the ability to manipulate cryptographic key exports, attackers could gain access to encrypted information, leading to significant data breaches that could expose confidential or proprietary information.

3. Operational Disruption: The vulnerability may lead to system instability or outages due to stack overrun incidents, affecting the normal operations of businesses that depend on the TPM for secure cryptographic functionalities. This can result in downtime, loss of productivity, and potential financial loss.

References