Design/Logic Flaw

2017-01-1316:59:00

PRIOn knowledge base

www.prio-n.com

7.2 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

61.9%

JSON

The pstm_exptmod function in MatrixSSL before 3.8.4 allows remote attackers to cause a denial of service (invalid free and crash) via a base zero value for the modular exponentiation.

CPENameOperatorVersion
matrixsslle3.8.3

CPE	Name	Operator	Version
	matrixssl	le	3.8.3

References

www.matrixssl.org/blog/releases/matrixssl_3_8_4

blog.fuzzing-project.org/51-Fun-with-Bignums-Crashing-MatrixSSL-and-more.html