Silence `GO-2025-3447` in `libwg`

author: Markus Pettersson <markus.pettersson@mullvad.net> 2025-03-12 09:07:15 +0100
committer: Markus Pettersson <markus.pettersson@mullvad.net> 2025-03-12 12:40:48 +0100
commit: 34cb4f1ab2f5640669c2518a6d69e2adc3aeb062 (patch)
tree: ea2e029104bd63cd404f299533e4152b2eb46a2b
parent: 93d9c2436573e7173f6d0db296032378ebf3ca75 (diff)
download: mullvadvpn-34cb4f1ab2f5640669c2518a6d69e2adc3aeb062.tar.xz
mullvadvpn-34cb4f1ab2f5640669c2518a6d69e2adc3aeb062.zip
1 files changed, 6 insertions, 0 deletions
diff --git a/wireguard-go-rs/libwg/osv-scanner.toml b/wireguard-go-rs/libwg/osv-scanner.toml
index 13bfc89e2c..056e788f61 100644
--- a/wireguard-go-rs/libwg/osv-scanner.toml
+++ b/wireguard-go-rs/libwg/osv-scanner.toml
@@ -46,3 +46,9 @@ reason = "wireguard-go does not use the affected code"
 id = "CVE-2025-22869" # GO-2025-3487
 ignoreUntil = 2025-06-12
 reason = "wireguard-go does not use the affected code"
+
+# Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec. We don't deploy to PowerPC.
+[[IgnoredVulns]]
+id = "CVE-2025-22866" # GO-2025-3447
+ignoreUntil = 2025-06-12
+reason = "wireguard-go does not use the affected code"
author	Markus Pettersson <markus.pettersson@mullvad.net>	2025-03-12 09:07:15 +0100
committer	Markus Pettersson <markus.pettersson@mullvad.net>	2025-03-12 12:40:48 +0100
commit	34cb4f1ab2f5640669c2518a6d69e2adc3aeb062 (patch)
tree	ea2e029104bd63cd404f299533e4152b2eb46a2b
parent	93d9c2436573e7173f6d0db296032378ebf3ca75 (diff)
download	mullvadvpn-34cb4f1ab2f5640669c2518a6d69e2adc3aeb062.tar.xz mullvadvpn-34cb4f1ab2f5640669c2518a6d69e2adc3aeb062.zip