7 matches found
SUSE CVE-2022-0778
The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates that contain elliptic curve public keys in compressed form or explicit elliptic curve parameters with a...
CVE-2022-0778 - Infinite loop in BN_mod_sqrt() reachable when parsing certificates
Security Advisory ID: BSA-2022-1752 Component: OpenSSL Revision: 2.0 The BNmodsqrt function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. More information is at https://www.openssl.org/news/secadv/20220315.txt Affected Products Broca...
openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
A flaw was found in OpenSSL. It is possible to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing happens before verification of the certificate signature, any process that parses an externally supplied certificate may be subje...
openssl: Infinite loop in BN_mod_sqrt() reachable when parsing certificates
A flaw was found in OpenSSL. It is possible to trigger an infinite loop by crafting a certificate that has invalid elliptic curve parameters. Since certificate parsing happens before verification of the certificate signature, any process that parses an externally supplied certificate may be subje...
CLSA-2022-1647550873 Fix of CVE: CVE-2022-0778
CVE-2022-0778: Fix possible infinite loop in BNmodsqrt...
OpenSSL 安全漏洞
OpenSSL is an open source general-purpose cryptographic library capable of implementing the Secure Sockets Layer SSLv2/v3 and Secure Transport Layer TLSv1 protocols. A denial of service vulnerability exists in OpenSSL due to an error in the BNmodsqrt function that calculates the square root of a...
PT-2022-1848
Name of the Vulnerable Software and Affected Versions OpenSSL versions 1.0.2 through 1.0.2zc OpenSSL versions 1.1.1 through 1.1.1m OpenSSL versions 3.0.0 through 3.0.1 Description The BN mod sqrt function in OpenSSL contains a bug that can cause it to loop forever for non-prime moduli, leading to...