{"id":"CVE-2023-6935","summary":"Marvin Attack vulnerability in SP Math All RSA","details":"wolfSSL SP Math All RSA implementation is vulnerable to the Marvin Attack, a new variation of a timing Bleichenbacher-style attack, when built with the following options to configure:\n\n--enable-all CFLAGS=\"-DWOLFSSL_STATIC_RSA\"\n\nThe define \"WOLFSSL_STATIC_RSA\" enables static RSA cipher suites, which is not recommended, and has been disabled by default since wolfSSL 3.6.6. Therefore the default build since 3.6.6, even with \"--enable-all\", is not vulnerable to the Marvin Attack. The vulnerability is specific to static RSA cipher suites, and is expected to be padding-independent.\n\nThe vulnerability allows an attacker to decrypt ciphertexts and forge signatures after probing with a large number of test observations. However, the server's private key is not exposed.\n","modified":"2026-05-28T04:09:46.102106903Z","published":"2024-02-09T22:25:04.663Z","database_specific":{"osv_generated_from":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/6xxx/CVE-2023-6935.json","cna_assigner":"wolfSSL","cwe_ids":["CWE-203"]},"references":[{"type":"WEB","url":"https://www.wolfssl.com/docs/security-vulnerabilities/"},{"type":"ADVISORY","url":"https://github.com/CVEProject/cvelistV5/tree/main/cves/2023/6xxx/CVE-2023-6935.json"},{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2023-6935"},{"type":"ADVISORY","url":"https://people.redhat.com/~hkario/marvin/"},{"type":"PACKAGE","url":"https://github.com/wolfSSL/wolfssl"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/wolfssl/wolfssl","events":[{"introduced":"182028819d5d1b3beeea15a3f3117a06608b62b0"}]}],"versions":["v5.9.1-stable","v5.9.0-stable","WCv6.0.0-linuxkm-UPDT-RC2","WCv5.2.4-KRNL-CHKIN-r5","WCv6.0.0-linuxkm-UPDT-RC1","WCv5.2.4-KRNL-CHKIN-r4","WCv6.0.0-RC5","WCv5.2.4-KRNL-CHKIN","v5.8.4-stable","wolfEntropy2d","WCv5.2.5-STM32-PAA","WCv5.2.3-STM32-PAA","v5.8.2-stable","WCv5.2.3-DHGENPUB-r2","WCv5.2.3-RSA-SWITCH","v5.2.1-stable","wolfEntropy2","wolfEntropy1","WCv5.2.3-DHGENPUB","v5.8.0-stable","WCv6.0.0-RC4","WCv6.0.0-RC3","v5.7.6-stable","v5.7.4-stable","v5.2.1","WCv5.2.3-ARMv8-PAA-r2","WCv6.0.0-RC2","WCv6.0.0-RC1","v5.2.1-stable-OS_Seed-HdrOnly","v5.7.2-stable","v5.7.0-stable","WCv5.2.3-ARMv8-PAA","v5.6.6-stable","v5.6.4-stable","WCv5.0-RC12","WCv5.0-RC11","WCv5.0-RC10","WCv5.2.1-PILOT","v5.6.2-stable","v5.6.3-stable","v5.6.0-stable","v5.5.4-stable","v5.5.3-stable","v5.5.2-stable","v5.5.1-stable","v5.5.0-stable","v5.4.0-stable","v5.3.0-stable","v5.2.0-stable","v5.1.1-stable","v5.1.0-stable","v5.0.0-stable","WCv5.0-RC9","v4.8.1-stable","v4.8.0-stable","WCv5.0-RC8","WCv5.0-RC7","WCv5.0-RC6","WCv5.0-RC5","v4.7.1r","WCv5.0-RC4","WCv5.0-RC3","v4.7.0-stable","WCv5.0-RC2","v4.6.0-stable","v4.5.0-stable","v4.4.0-stable","v4.3.0-stable","v4.2.0c","v4.2.0-stable","wolfRand-RC2","v4.1.0-stable","wolfRand-RC1","v4.0.0-stable","list","v3.15.8","v3.15.7-stable","v3.15.6","v3.15.5a","v3.15.5-stable","WCv4-rng-stable","WCv4.0-RC9","WCv4.0-RC8","WCv4.0-RC7","v3.15.3-stable","l","v3.15.0-stable","v3.14.5","WCv4.0-RC6","WCv4-stable","WCv4.0-RC5","WCv4.0-RC4","v3.14.4","WCv4.0-RC3","WCv4.0-RC2","WCv4.0-RC1","v3.14.2","v3.14.0b","v3.14.0a","v3.14.0-stable","v3.13.3","v3.13.2","v3.13.0-stable","v3.12.2-stable"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-6935.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}]}
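The attack class named in the details field, a timing side channel in RSA decryption that the advisory expects to be padding-independent, is easier to see in code than in prose. The following is an added, self-contained Python illustration written for this page; it is not wolfSSL code and does not reproduce the SP Math All code path. Everything specific in it is an assumption made for the illustration: the leaking routine is a variable-time integer-to-octet conversion standing in for whichever data-dependent step a real implementation has, loop-iteration counts stand in for wall-clock time, and the RSA key is a toy built from the Mersenne primes 2^61-1 and 2^89-1.

```python
"""Added illustration (not wolfSSL code): a Marvin/Bleichenbacher-style
timing oracle that survives a constant-time padding check because the
leak sits in the bignum-to-bytes conversion, not in the padding logic.
Loop-iteration counts stand in for timing. The key is a constructed toy
(primes 2^61-1 and 2^89-1); never use such a key for anything real."""
from __future__ import annotations

P = (1 << 61) - 1                      # constructed toy key
Q = (1 << 89) - 1
N = P * Q
E = 65537
D = pow(E, -1, (P - 1) * (Q - 1))
K = (N.bit_length() + 7) // 8          # octet length of the modulus (19 here)


class Trace:
    """Counts loop iterations as a stand-in for wall-clock time."""
    def __init__(self) -> None:
        self.steps = 0


def pkcs1_v15_pad(msg: bytes) -> bytes:
    """EME-PKCS1-v1_5 type-2 block: 00 02 <PS, nonzero, >= 8 bytes> 00 <msg>.
    PS is a fixed filler here; its randomness is irrelevant to the leak."""
    if len(msg) > K - 11:
        raise ValueError("message too long for this modulus")
    return b"\x00\x02" + b"\xab" * (K - 3 - len(msg)) + b"\x00" + msg


def rsa_public(em: bytes) -> bytes:
    """Raw RSA with the public key: the attacker can compute this freely."""
    return pow(int.from_bytes(em, "big"), E, N).to_bytes(K, "big")


def i2osp_leaky(x: int, k: int, tr: Trace) -> bytes:
    """Variable-time integer-to-octets: one iteration per significant byte,
    so the work done reveals how many leading zero bytes the value has."""
    out = bytearray()
    while x:
        tr.steps += 1
        out.append(x & 0xFF)
        x >>= 8
    return bytes(reversed(out)).rjust(k, b"\x00")


def i2osp_ct(x: int, k: int, tr: Trace) -> bytes:
    """Fixed-length conversion: always k iterations, whatever x is."""
    out = bytearray(k)
    for i in range(k - 1, -1, -1):
        tr.steps += 1
        out[i] = x & 0xFF
        x >>= 8
    return bytes(out)


def unpad_full_scan(em: bytes) -> bytes | None:
    """Padding check that touches every byte; validity and the separator
    index are accumulated arithmetically instead of by early exit."""
    bad = em[0] | (em[1] ^ 0x02)
    sep, found = 0, 0
    for i in range(2, len(em)):
        is_zero = ((em[i] - 1) >> 8) & 1      # 1 iff em[i] == 0, branch-free
        first = is_zero & (1 - found)         # 1 only for the first zero byte
        sep |= first * i
        found |= is_zero
    bad |= 1 - found                          # no separator at all
    bad |= ((sep - 10) >> 63) & 1             # PS shorter than 8 bytes
    return None if bad else em[sep + 1:]


def rsa_decrypt(ct: bytes, i2osp, tr: Trace) -> bytes | None:
    """Private-key decryption: modexp, conversion, then the padding check."""
    m = pow(int.from_bytes(ct, "big"), D, N)
    return unpad_full_scan(i2osp(m, K, tr))


def oracle_steps(ct: bytes, i2osp) -> int:
    """What a timing attacker measures: the cost of decrypting ct."""
    tr = Trace()
    rsa_decrypt(ct, i2osp, tr)
    return tr.steps


if __name__ == "__main__":
    conforming = rsa_public(pkcs1_v15_pad(b"PMS!"))           # starts 00 02
    nonconforming = rsa_public(b"\x01" + b"\xab" * (K - 1))   # no leading zero
    for name, conv in (("leaky", i2osp_leaky), ("constant-time", i2osp_ct)):
        print(name, oracle_steps(conforming, conv), oracle_steps(nonconforming, conv))
```

With the leaky conversion, decrypting a value whose first byte is 0x00 costs one iteration fewer than decrypting one whose first byte is not, and "does the plaintext start with 0x00" is exactly the bit that Bleichenbacher's algorithm consumes; the padding check does identical work in both runs, which is what the advisory means by padding-independent. The fixed-length conversion removes the difference. In a TLS deployment the stronger fix is the one the advisory implies: do not enable static RSA cipher suites, so no handshake ever hands an attacker-chosen ciphertext to the private key.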