wolfSSL Security Update Addresses Apple Trust Store Bypass

wolfSSL has released version 5.8.2 to address several critical security vulnerabilities, with the most significant being a high-severity Apple trust store bypass flaw that could allow malicious actors to circumvent certificate verification processes on Apple platforms.

Critical Apple Platform Vulnerability

The most serious vulnerability, designated CVE-2025-7395, affects users of wolfSSL versions after 5.7.6 and before 5.8.2 who utilize the WOLFSSL_SYS_CA_CERTS and WOLFSSL_APPLE_NATIVE_CERT_VALIDATION features on Apple platforms. 

The flaw allows the native trust store verification routine to override errors from other parts of the wolfSSL certificate verification process, including failures related to hostname matching, Server Name Indication (SNI), Online Certificate Status Protocol (OCSP), and Certificate Revocation Lists (CRLs).

“This allows any trusted cert chain to override other errors detected during chain verification that should have resulted in termination of the TLS connection,” according to the wolfSSL security advisory. 

The vulnerability was discovered by Thomas Leong from ExpressVPN and has been resolved in the latest release.

Additional Security Fixes

The update also addresses a medium-severity vulnerability (CVE-2025-7394) in the OpenSSL compatibility layer implementation. 

The RAND_poll() function was not behaving as expected, potentially leading to predictable values from RAND_bytes() after fork() operations. 

This issue, reported by Per Allansson from Appgate, could result in weak or predictable random number generation in applications using both RAND_bytes() and fork() operations.

A low-severity vulnerability (CVE-2025-7396) related to Curve25519 blinding support has also been resolved. 

The update enables blinding by default for the base C implementation of Curve25519 to provide additional protection against potential side-channel attacks, particularly on devices susceptible to physical access or side-channel observation. 

This enhancement was developed in response to research by Arnaud Varillon, Laurent Sauvage, and Allan Delautre from Telecom Paris.

Beyond vulnerability fixes, wolfSSL 5.8.2 introduces several new security features and improvements. 

The release includes enhanced fault injection attack mitigation for ECC and Ed25519 verify operations, with researchers from Fraunhofer AISEC contributing to the security assessment.

The update also brings significant improvements to the Linux Kernel Module, implementing all AES, SHA, and HMAC functionality within the kernel space. 

Additionally, new APIs have been added for X.509 certificate handling and PKCS12 encryption support.

Organizations using wolfSSL on Apple platforms, particularly those with system CA support enabled, are strongly advised to update to version 5.8.2 immediately to protect against the trust store bypass vulnerability.

Get Free Ultimate SOC Requirements Checklist Before you build, buy, or switch your SOC for 2025 - Download Now