Primary

Context

Coolsnowwolf Lede BN_mod_sqrt Infinite Loop Vulnerability

Vulnerability

A vulnerability causing an infinite loop has been identified in the coolsnowwolf lede project, specifically within the MT7615D driver security modules. This issue arises in the BN_mod_sqrt() function, which was cloned from OpenSSL but did not incorporate a critical security patch. The vulnerability affects lede versions through r25.10.1.

Impact

Exploitation of this vulnerability leads to an infinite loop in the BN_mod_sqrt() function, causing the program to hang indefinitely under certain conditions.

Remediation

Users can apply the same patch that was implemented in OpenSSL to address this vulnerability. The patch is available in the official coolsnowwolf lede repository.

Added: Jan 27, 2026, 9:30 AM

Updated: Jan 27, 2026, 3:35 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.5

remediation

0.0

relevance

2.4

threat

0.0

urgency

5.7

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.5

remediation

0.0

relevance

2.4

threat

0.0

urgency

5.7

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Coolsnowwolf Lede BN_mod_sqrt Infinite Loop Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating