diff --git a/.wolfssl_known_macro_extras b/.wolfssl_known_macro_extras
index adb7cb60f..0b7fddee7 100644
--- a/.wolfssl_known_macro_extras
+++ b/.wolfssl_known_macro_extras
@@ -94,6 +94,7 @@ CONFIG_IDF_TARGET_ESP32S2
 CONFIG_IDF_TARGET_ESP32S3
 CONFIG_IDF_TARGET_ESP8266
 CONFIG_IDF_TARGET_ESP8684
+CONFIG_KASAN
 CONFIG_MAIN_TASK_STACK_SIZE
 CONFIG_MBEDTLS_CERTIFICATE_BUNDLE
 CONFIG_MBEDTLS_PSA_CRYPTO_C
@@ -803,7 +804,6 @@ WOLFSSL_SILABS_TRNG
 WOLFSSL_SM4_EBC
 WOLFSSL_SNIFFER_NO_RECOVERY
 WOLFSSL_SP_ARM32_UDIV
-WOLFSSL_SP_DH
 WOLFSSL_SP_FAST_NCT_EXPTMOD
 WOLFSSL_SP_INT_SQR_VOLATILE
 WOLFSSL_STACK_CHECK
diff --git a/linuxkm/module_hooks.c b/linuxkm/module_hooks.c
index cb1f7aaa8..25024eb3d 100644
--- a/linuxkm/module_hooks.c
+++ b/linuxkm/module_hooks.c
@@ -755,6 +755,8 @@ static int updateFipsHash(void)
 goto out;
 }
+ WC_SANITIZE_DISABLE();
+
 ret = crypto_shash_update(desc, (byte *)(wc_ptr_t)first, (word32)code_sz);
 if (ret) {
 pr_err("crypto_shash_update failed: err %d\n", ret);
@@ -781,6 +783,8 @@ static int updateFipsHash(void)
 goto out;
 }
+ WC_SANITIZE_ENABLE();
+
 ret = crypto_shash_final(desc, hash);
 if (ret) {
 pr_err("crypto_shash_final failed: err %d\n", ret);
diff --git a/wolfssl/wolfcrypt/settings.h b/wolfssl/wolfcrypt/settings.h
index 962d82e69..9fa7a3372 100644
--- a/wolfssl/wolfcrypt/settings.h
+++ b/wolfssl/wolfcrypt/settings.h
@@ -3673,6 +3673,15 @@ extern void uITRON4_free(void *p) ;
 #endif
 #undef WOLFSSL_MIN_AUTH_TAG_SZ
 #define WOLFSSL_MIN_AUTH_TAG_SZ 4
+
+ #ifdef CONFIG_KASAN
+ #ifndef WC_SANITIZE_DISABLE
+ #define WC_SANITIZE_DISABLE() kasan_disable_current()
+ #endif
+ #ifndef WC_SANITIZE_ENABLE
+ #define WC_SANITIZE_ENABLE() kasan_enable_current()
+ #endif
+ #endif
 #endif
diff --git a/wolfssl/wolfcrypt/types.h b/wolfssl/wolfcrypt/types.h
index a3e6af7aa..167945f51 100644
--- a/wolfssl/wolfcrypt/types.h
+++ b/wolfssl/wolfcrypt/types.h
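Review bot: Any error exit taken between `WC_SANITIZE_DISABLE()` and `WC_SANITIZE_ENABLE()` in updateFipsHash() skips the re-enable; this covers the `crypto_shash_update` failure branch at the end of this hunk (presumably followed by `goto out;`) and the branch whose `goto out;` opens the @@ -781 hunk. Under CONFIG_KASAN the macros expand to `kasan_disable_current()`/`kasan_enable_current()`, which nest through a per-task counter, so an unbalanced exit would leave KASAN reports suppressed for the calling task after the function returns. Unless the `out:` path, which is outside both hunks, already restores it, add `WC_SANITIZE_ENABLE();` before each `goto out;` inside that window, or narrow the window to the hashing calls only. A one-line comment above the disable call stating why the sanitizer has to be off while the module's code span is hashed would also help the next reader. The function body starts and ends outside the hunks.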
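Review bot: The new `WC_SANITIZE_DISABLE()`/`WC_SANITIZE_ENABLE()` pair under `#ifdef CONFIG_KASAN` has no comment stating its contract, and the contract matters because the KASAN calls must be strictly balanced and they silence reports for everything the current task does in between. I would add above the `#ifdef` something like `/* Suppress KASAN reports for the current task; calls nest, and every DISABLE must be matched by an ENABLE on all exit paths. */`, and repeat a short pointer to it next to the no-op fallbacks added in wolfssl/wolfcrypt/types.h. The hunk does not show an include of `<linux/kasan.h>`, so it is worth confirming that the header declaring `kasan_disable_current()` is already pulled in wherever these macros expand. The enclosing `#if` block starts outside the hunk.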
@@ -1886,6 +1886,13 @@ typedef struct w64wrapper {
 #define RESTORE_VECTOR_REGISTERS() WC_DO_NOTHING
 #endif
+ #ifndef WC_SANITIZE_DISABLE
+ #define WC_SANITIZE_DISABLE() WC_DO_NOTHING
+ #endif
+ #ifndef WC_SANITIZE_ENABLE
+ #define WC_SANITIZE_ENABLE() WC_DO_NOTHING
+ #endif
+
 #if FIPS_VERSION_GE(5,1)
 #define WC_SPKRE_F(x,y) wolfCrypt_SetPrivateKeyReadEnable_fips((x),(y))
 #define PRIVATE_KEY_LOCK() WC_SPKRE_F(0,WC_KEYTYPE_ALL)