{"id":7230,"date":"2025-09-03T10:55:26","date_gmt":"2025-09-03T08:55:26","guid":{"rendered":"https:\/\/sanctuary.dev\/blog\/sanctuary-esa-tender-supply-chain-2\/"},"modified":"2025-09-03T14:28:56","modified_gmt":"2025-09-03T12:28:56","slug":"wolftpm-vulnerability-discovered","status":"publish","type":"post","link":"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/","title":{"rendered":"Stack Overflow in wolfTPM RSA Key Export Discovered"},"content":{"rendered":"\t\t<div data-elementor-type=\"wp-post\" data-elementor-id=\"7230\" class=\"elementor elementor-7230\" data-elementor-post-type=\"post\">\n\t\t\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-eabdee2 nd-elementor-section-full elementor-section-height-default elementor-section-height-default\" data-id=\"eabdee2\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-1bcc002\" data-id=\"1bcc002\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-98a19ad elementor-widget elementor-widget-text-editor\" data-id=\"98a19ad\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p class=\"intro\">The SANCTUARY team uncovered a stack\u2011based buffer overflow in wolfTPM\u2019s wolfTPM2_RsaKey_TpmToWolf function, occurring when RSA keys larger than the default 2048\u2011bit configuration are exported without adequate bounds checking, as documented in CVE\u20112025\u20117844. This vulnerability arises particularly when oversized keys are imported via public\u2011key pathways and not constrained by compile-time configuration, enabling potential stack corruption. 
Mitigation involves upgrading to the patched version (3.9.2 or later) or adjusting compile\u2011time RSA bit limits to match expected key sizes.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<section class=\"elementor-section elementor-top-section elementor-element elementor-element-56b6e15 nd-elementor-section-full elementor-section-height-default elementor-section-height-default\" data-id=\"56b6e15\" data-element_type=\"section\">\n\t\t\t\t\t\t<div class=\"elementor-container elementor-column-gap-default\">\n\t\t\t\t\t<div class=\"elementor-column elementor-col-100 elementor-top-column elementor-element elementor-element-95920dd\" data-id=\"95920dd\" data-element_type=\"column\">\n\t\t\t<div class=\"elementor-widget-wrap elementor-element-populated\">\n\t\t\t\t\t\t<div class=\"elementor-element elementor-element-ce4d5cb elementor-widget elementor-widget-text-editor\" data-id=\"ce4d5cb\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>wolfTPM is a portable, C-based TPM 2.0 stack and wrapper layer produced by wolfSSL that targets embedded use. It implements the TPM 2.0 command set, provides a hardware abstraction for common buses and exposes a high-level wrapper API that simplifies tasks such as key generation, storage, attestation, sealing and TLS integrations. The library can talk to hardware TPMs via the Linux kernel interface or directly over SPI and I\u00b2C, and ships with extensive examples and documentation for typical workflows.<\/p><p>This post documents a stack-based buffer overflow in the RSA export wrapper wolfTPM2_RsaKey_TpmToWolf. The issue is tracked publicly as <a href=\"https:\/\/www.cve.org\/CVERecord?id=CVE-2025-7844\">CVE-2025-7844<\/a> and is fixed in <a href=\"https:\/\/github.com\/wolfSSL\/wolfTPM\/releases\/tag\/v3.9.2\">wolfTPM v3.9.2<\/a>. 
The vulnerability allows an attacker to overrun a fixed-size stack buffer when converting a TPM-resident RSA public key to a wolfCrypt RsaKey, if larger-than-expected key material reaches the wrapper at runtime.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b973fad elementor-widget elementor-widget-heading\" data-id=\"b973fad\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Where the Bug Sits<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e435a2c elementor-widget elementor-widget-text-editor\" data-id=\"e435a2c\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The wrapper layer declares the conversion function as:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f35498c elementor-widget elementor-widget-code-highlight\" data-id=\"f35498c\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-c \">\n\t\t\t\t<code readonly=\"true\" class=\"language-c\">\n\t\t\t\t\t<xmp>WOLFTPM_API int wolfTPM2_RsaKey_TpmToWolf(WOLFTPM2_DEV* dev, WOLFTPM2_KEY* tpmKey, RsaKey* wolfKey);<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-b5622a4 elementor-widget elementor-widget-text-editor\" data-id=\"b5622a4\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The function\u2019s purpose is to read the RSA public modulus and exponent from 
a TPM 2.0 public area and feed them into a wolfCrypt <tt>RsaKey<\/tt>. This API is part of the documented &#8220;wolfTPM2 Wrappers&#8221; interface, alongside helpers to import and export keys, including <tt>wolfTPM2_ImportPublicKeyBuffer<\/tt>.<\/p><p>wolfTPM\u2019s TPM structure definitions follow the TPM 2.0 conventions. The RSA public component is represented as <tt>TPM2B_PUBLIC_KEY_RSA<\/tt>, which contains a two-byte length and a modulus buffer sized by the <tt>MAX_RSA_KEY_BYTES<\/tt> macro.<\/p><p>The bug stems from a mismatch between two build-time size assumptions and one runtime size. wolfTPM uses a compile-time constant for the wrapper&#8217;s temporary buffer size. By default the wrapper derives <tt>WOLFTPM2_WRAP_RSA_KEY_BITS<\/tt> from <tt>MAX_RSA_KEY_BITS<\/tt>, which defaults to 2048, so a local stack buffer <tt>n<\/tt> is allocated to hold 2048\/8 = 256 bytes:<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-a33662c elementor-widget elementor-widget-code-highlight\" data-id=\"a33662c\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-c \">\n\t\t\t\t<code readonly=\"true\" class=\"language-c\">\n\t\t\t\t\t<xmp>byte n[WOLFTPM2_WRAP_RSA_KEY_BITS \/ 8]; \/* 256 bytes if 2048-bit default *\/\r\n<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-942392d elementor-widget elementor-widget-text-editor\" data-id=\"942392d\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\tAt run time, the code assigns the size field of the TPM public modulus to <tt>nSz<\/tt> and then copies that many bytes into <tt>n<\/tt> without validating 
that <tt>nSz<\/tt> is less than or equal to <tt>sizeof(n)<\/tt>:\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-d34bbb4 elementor-widget elementor-widget-code-highlight\" data-id=\"d34bbb4\" data-element_type=\"widget\" data-widget_type=\"code-highlight.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t<div class=\"prismjs-default copy-to-clipboard \">\n\t\t\t<pre data-line=\"\" class=\"highlight-height language-c \">\n\t\t\t\t<code readonly=\"true\" class=\"language-c\">\n\t\t\t\t\t<xmp>\/* load public key *\/\r\nnSz = tpmKey->pub.publicArea.unique.rsa.size;\r\nXMEMCPY(n, tpmKey->pub.publicArea.unique.rsa.buffer, nSz);\r\n<\/xmp>\n\t\t\t\t<\/code>\n\t\t\t<\/pre>\n\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-f2d0c02 elementor-widget elementor-widget-text-editor\" data-id=\"f2d0c02\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>If a 3072-bit or 4096-bit RSA key reaches this path in a build compiled with the default 2048-bit wrapper buffer, the <tt>XMEMCPY<\/tt> overflows the 256-byte stack buffer, triggering a classic CWE-121 condition. The RSA public structure itself is large enough to hold bigger keys because <tt>MAX_RSA_KEY_BYTES<\/tt> accounts for larger bit sizes, so the source buffer can legitimately exceed the destination.<\/p><p>wolfSSL has acknowledged the problem and assigned CVE-2025-7844. 
wolfTPM 3.9.2 fixes this buffer overflow and also adds bounds checks throughout the project.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-28b693f elementor-widget elementor-widget-heading\" data-id=\"28b693f\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Why Exploitation is Plausible<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-fff0d94 elementor-widget elementor-widget-text-editor\" data-id=\"fff0d94\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>The wrapper API includes helpers that import public keys from external buffers and files. In particular, <tt>wolfTPM2_ImportPublicKeyBuffer<\/tt> can ingest a DER or PEM RSA public key without involving the TPM\u2019s key-creation limits, which means an application can create in-memory <tt>TPM2B_PUBLIC<\/tt> data with a modulus larger than the default wrapper expectation. Keys loaded as TPM keyblobs via the hardware would typically be constrained by the TPM\u2019s capabilities, but externally imported public keys do not benefit from that hardware guardrail. If such a key subsequently flows into <tt>wolfTPM2_RsaKey_TpmToWolf<\/tt>, the unchecked copy can overrun the fixed-size stack buffer. Note that, depending on the concrete scenario, the malicious public key can be created by another process and loaded by the victim process, even without physical presence. 
Depending on compilation flags and surrounding frame layout, consequences range from program aborts with stack canaries or sanitizers to potential control-flow hijack in non-hardened builds.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-e6dd7f7 elementor-widget elementor-widget-heading\" data-id=\"e6dd7f7\" data-element_type=\"widget\" data-widget_type=\"heading.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t<h2 class=\"elementor-heading-title elementor-size-default\">Patch and Configuration Guidance<\/h2>\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t<div class=\"elementor-element elementor-element-6b21315 elementor-widget elementor-widget-text-editor\" data-id=\"6b21315\" data-element_type=\"widget\" data-widget_type=\"text-editor.default\">\n\t\t\t\t<div class=\"elementor-widget-container\">\n\t\t\t\t\t\t\t<p>wolfSSL fixed the issue in v3.9.2 by hardening buffer size checks in the RSA export path and related areas. Users should upgrade to wolfTPM v3.9.2 or later. The release notes specify that a stack overrun is also avoided when the build-time macro <tt>MAX_RSA_KEY_BITS<\/tt> is set correctly to match the maximum RSA size supported by the target TPM and application. While correct configuration mitigates the risk, relying solely on configuration is fragile because higher-level import paths can still introduce larger public keys into memory if the code path does not constrain them.<\/p><p>We want to thank the wolfSSL team for the easy and fast process, and congratulate Richard Mitev, Giannis Mouzenidis, and Patrick Jauernig on the findings. 
This vulnerability has been found during our on-going <a href=\"https:\/\/sanctuary.dev\/blog\/sanctuary-esa-tender-for-trusted-platform-modules\/\">ESA activity on using a TPM as a service on a satellite<\/a>.<\/p>\t\t\t\t\t\t<\/div>\n\t\t\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/div>\n\t\t\t\t\t<\/div>\n\t\t<\/section>\n\t\t\t\t<\/div>\n\t\t","protected":false},"excerpt":{"rendered":"<p>The SANCTUARY team uncovered a stack\u2011based buffer overflow in wolfTPM\u2019s wolfTPM2_RsaKey_TpmToWolf function.<\/p>\n","protected":false},"author":12,"featured_media":7241,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[32],"tags":[],"class_list":["post-7230","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.1.1 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Stack Overflow in wolfTPM RSA Key Export Discovered - SANCTUARY<\/title>\n<meta name=\"description\" content=\"We develop next-generation security architectures for secure aggregation on distributed embedded systems - from satellites to smart factories.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Stack Overflow in wolfTPM RSA Key Export Discovered - SANCTUARY\" \/>\n<meta property=\"og:description\" content=\"We develop next-generation security architectures for secure aggregation on distributed embedded systems - from satellites to smart factories.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/\" 
\/>\n<meta property=\"og:site_name\" content=\"SANCTUARY\" \/>\n<meta property=\"article:published_time\" content=\"2025-09-03T08:55:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-09-03T12:28:56+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/sanctuary.dev\/app\/uploads\/2025\/09\/tpm_mem-corruption_3-2.webp\" \/>\n\t<meta property=\"og:image:width\" content=\"1536\" \/>\n\t<meta property=\"og:image:height\" content=\"1024\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/webp\" \/>\n<meta name=\"author\" content=\"Patrick Jauernig\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@sanctuary_dev\" \/>\n<meta name=\"twitter:site\" content=\"@sanctuary_dev\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/\"},\"author\":{\"name\":\"Patrick Jauernig\",\"@id\":\"https:\/\/sanctuary.dev\/en\/#\/schema\/person\/8a76acac1b46c49e9fb1948181536f5c\"},\"headline\":\"Stack Overflow in wolfTPM RSA Key Export 
Discovered\",\"datePublished\":\"2025-09-03T08:55:26+00:00\",\"dateModified\":\"2025-09-03T12:28:56+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/\"},\"wordCount\":803,\"publisher\":{\"@id\":\"https:\/\/sanctuary.dev\/en\/#organization\"},\"image\":{\"@id\":\"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/sanctuary.dev\/app\/uploads\/2025\/09\/tpm_mem-corruption_3-2.webp\",\"articleSection\":[\"News\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/\",\"url\":\"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/\",\"name\":\"Stack Overflow in wolfTPM RSA Key Export Discovered - SANCTUARY\",\"isPartOf\":{\"@id\":\"https:\/\/sanctuary.dev\/en\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/sanctuary.dev\/app\/uploads\/2025\/09\/tpm_mem-corruption_3-2.webp\",\"datePublished\":\"2025-09-03T08:55:26+00:00\",\"dateModified\":\"2025-09-03T12:28:56+00:00\",\"description\":\"We develop next-generation security architectures for secure aggregation on distributed embedded systems - from satellites to smart 
factories.\",\"breadcrumb\":{\"@id\":\"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/#primaryimage\",\"url\":\"https:\/\/sanctuary.dev\/app\/uploads\/2025\/09\/tpm_mem-corruption_3-2.webp\",\"contentUrl\":\"https:\/\/sanctuary.dev\/app\/uploads\/2025\/09\/tpm_mem-corruption_3-2.webp\",\"width\":1536,\"height\":1024,\"caption\":\"TPM chip with text suggesting a memory corruption vulnerability\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/sanctuary.dev\/en\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Stack Overflow in wolfTPM RSA Key Export Discovered\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/sanctuary.dev\/en\/#website\",\"url\":\"https:\/\/sanctuary.dev\/en\/\",\"name\":\"SANCTUARY\",\"description\":\"The Embedded Security 
Experts\",\"publisher\":{\"@id\":\"https:\/\/sanctuary.dev\/en\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/sanctuary.dev\/en\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/sanctuary.dev\/en\/#organization\",\"name\":\"SANCTUARY\",\"url\":\"https:\/\/sanctuary.dev\/en\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sanctuary.dev\/en\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/sanctuary.dev\/app\/uploads\/2022\/07\/sanctuary_linkedin_logo_v4.png\",\"contentUrl\":\"https:\/\/sanctuary.dev\/app\/uploads\/2022\/07\/sanctuary_linkedin_logo_v4.png\",\"width\":1841,\"height\":1841,\"caption\":\"SANCTUARY\"},\"image\":{\"@id\":\"https:\/\/sanctuary.dev\/en\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/sanctuary_dev\",\"https:\/\/www.linkedin.com\/company\/sanctuary-dev\/\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/sanctuary.dev\/en\/#\/schema\/person\/8a76acac1b46c49e9fb1948181536f5c\",\"name\":\"Patrick Jauernig\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/sanctuary.dev\/en\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/6f8d1d76523044ced2626b1c8c709acfeb177611c438a7965685bd8423af475b?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/6f8d1d76523044ced2626b1c8c709acfeb177611c438a7965685bd8423af475b?s=96&d=mm&r=g\",\"caption\":\"Patrick Jauernig\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"Stack Overflow in wolfTPM RSA Key Export Discovered - SANCTUARY","description":"We develop next-generation security architectures for secure aggregation on distributed embedded systems - from satellites to smart factories.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/","og_locale":"en_US","og_type":"article","og_title":"Stack Overflow in wolfTPM RSA Key Export Discovered - SANCTUARY","og_description":"We develop next-generation security architectures for secure aggregation on distributed embedded systems - from satellites to smart factories.","og_url":"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/","og_site_name":"SANCTUARY","article_published_time":"2025-09-03T08:55:26+00:00","article_modified_time":"2025-09-03T12:28:56+00:00","og_image":[{"width":1536,"height":1024,"url":"https:\/\/sanctuary.dev\/app\/uploads\/2025\/09\/tpm_mem-corruption_3-2.webp","type":"image\/webp"}],"author":"Patrick Jauernig","twitter_card":"summary_large_image","twitter_creator":"@sanctuary_dev","twitter_site":"@sanctuary_dev","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/#article","isPartOf":{"@id":"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/"},"author":{"name":"Patrick Jauernig","@id":"https:\/\/sanctuary.dev\/en\/#\/schema\/person\/8a76acac1b46c49e9fb1948181536f5c"},"headline":"Stack Overflow in wolfTPM RSA Key Export 
Discovered","datePublished":"2025-09-03T08:55:26+00:00","dateModified":"2025-09-03T12:28:56+00:00","mainEntityOfPage":{"@id":"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/"},"wordCount":803,"publisher":{"@id":"https:\/\/sanctuary.dev\/en\/#organization"},"image":{"@id":"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/#primaryimage"},"thumbnailUrl":"https:\/\/sanctuary.dev\/app\/uploads\/2025\/09\/tpm_mem-corruption_3-2.webp","articleSection":["News"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/","url":"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/","name":"Stack Overflow in wolfTPM RSA Key Export Discovered - SANCTUARY","isPartOf":{"@id":"https:\/\/sanctuary.dev\/en\/#website"},"primaryImageOfPage":{"@id":"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/#primaryimage"},"image":{"@id":"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/#primaryimage"},"thumbnailUrl":"https:\/\/sanctuary.dev\/app\/uploads\/2025\/09\/tpm_mem-corruption_3-2.webp","datePublished":"2025-09-03T08:55:26+00:00","dateModified":"2025-09-03T12:28:56+00:00","description":"We develop next-generation security architectures for secure aggregation on distributed embedded systems - from satellites to smart factories.","breadcrumb":{"@id":"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/#primaryimage","url":"https:\/\/sanctuary.dev\/app\/uploads\/2025\/09\/tpm_mem-corruption_3-2.webp","contentUrl":"https:\/\/sanctuary.dev\/app\/uploads\/2025\/09\/tpm_mem-corruption_3-2.webp","width":1536,"height":1024,"caption":"TPM chip with 
text suggesting a memory corruption vulnerability"},{"@type":"BreadcrumbList","@id":"https:\/\/sanctuary.dev\/en\/blog\/wolftpm-vulnerability-discovered\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/sanctuary.dev\/en\/"},{"@type":"ListItem","position":2,"name":"Stack Overflow in wolfTPM RSA Key Export Discovered"}]},{"@type":"WebSite","@id":"https:\/\/sanctuary.dev\/en\/#website","url":"https:\/\/sanctuary.dev\/en\/","name":"SANCTUARY","description":"The Embedded Security Experts","publisher":{"@id":"https:\/\/sanctuary.dev\/en\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/sanctuary.dev\/en\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/sanctuary.dev\/en\/#organization","name":"SANCTUARY","url":"https:\/\/sanctuary.dev\/en\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sanctuary.dev\/en\/#\/schema\/logo\/image\/","url":"https:\/\/sanctuary.dev\/app\/uploads\/2022\/07\/sanctuary_linkedin_logo_v4.png","contentUrl":"https:\/\/sanctuary.dev\/app\/uploads\/2022\/07\/sanctuary_linkedin_logo_v4.png","width":1841,"height":1841,"caption":"SANCTUARY"},"image":{"@id":"https:\/\/sanctuary.dev\/en\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/sanctuary_dev","https:\/\/www.linkedin.com\/company\/sanctuary-dev\/"]},{"@type":"Person","@id":"https:\/\/sanctuary.dev\/en\/#\/schema\/person\/8a76acac1b46c49e9fb1948181536f5c","name":"Patrick 
Jauernig","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/sanctuary.dev\/en\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/6f8d1d76523044ced2626b1c8c709acfeb177611c438a7965685bd8423af475b?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/6f8d1d76523044ced2626b1c8c709acfeb177611c438a7965685bd8423af475b?s=96&d=mm&r=g","caption":"Patrick Jauernig"}}]}},"_links":{"self":[{"href":"https:\/\/sanctuary.dev\/en\/wp-json\/wp\/v2\/posts\/7230","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/sanctuary.dev\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/sanctuary.dev\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/sanctuary.dev\/en\/wp-json\/wp\/v2\/users\/12"}],"replies":[{"embeddable":true,"href":"https:\/\/sanctuary.dev\/en\/wp-json\/wp\/v2\/comments?post=7230"}],"version-history":[{"count":8,"href":"https:\/\/sanctuary.dev\/en\/wp-json\/wp\/v2\/posts\/7230\/revisions"}],"predecessor-version":[{"id":7238,"href":"https:\/\/sanctuary.dev\/en\/wp-json\/wp\/v2\/posts\/7230\/revisions\/7238"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/sanctuary.dev\/en\/wp-json\/wp\/v2\/media\/7241"}],"wp:attachment":[{"href":"https:\/\/sanctuary.dev\/en\/wp-json\/wp\/v2\/media?parent=7230"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/sanctuary.dev\/en\/wp-json\/wp\/v2\/categories?post=7230"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/sanctuary.dev\/en\/wp-json\/wp\/v2\/tags?post=7230"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}