16 matches found

OSV
added 2026/04/27 6:33 p.m. | views: 1

JLSEC-2026-226

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...

CVSS 5.9 | AI score 6.6 | EPSS 0.00417
Exploits: 1 | References: 16
EUVD
added 2025/10/07 12:30 a.m. | views: 2

EUVD-2017-12853

Malware in sbrugna...

CVSS 6.5 | AI score 7.8 | EPSS 0.08287
Exploits: 0 | References: 34
SUSE CVE
added 2023/02/15 3:47 a.m. | views: 1

SUSE CVE-2021-4160

There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis...

CVSS 5.9 | AI score 6.5 | EPSS 0.00417
Exploits: 1 | References: 3
Snyk
added 2022/01/05 3:31 p.m. | views: 2

Information Exposure

Overview: std/math/big is a Go standard library package. Affected versions of this package are vulnerable to Information Exposure. Go Vulnerability Report: Int.Exp Montgomery mishandled carry propagation and produced an incorrect output, which makes it easier for attackers to obtain...

CVSS 8.7 | AI score 6.4 | EPSS 0.00735
Exploits: 0 | References: 3
RedHat Linux
added 2018/08/28 7:19 p.m. | views: 0

openssl: bn_sqrx8x_internal carry bug on x86_64

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely...

CVSS 6.5 | AI score 6.8 | EPSS 0.08287
Exploits: 0 | References: 5
Tenable Nessus
added 2018/08/28 12:0 a.m. | views: 96

RHEL 7 : java-1.8.0-ibm (RHSA-2018:2568)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2018:2568 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE ...

CVSS 10 | AI score 7.4 | EPSS 0.21835
Exploits: 1 | References: 20
RedHat Linux
added 2018/07/12 4:14 p.m. | views: 0

openssl: Carry propagating bug in Montgomery multiplication

There is a carry propagating bug in the Broadwell-specific Montgomery multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that handles input lengths divisible by, but longer than 256 bits. Analysis suggests that attacks against RSA, DSA and DH private keys are impossible. This is...

CVSS 5.9 | AI score 7.3 | EPSS 0.02693
Exploits: 1 | References: 6
RedHat Linux
added 2018/07/12 4:14 p.m. | views: 1

openssl: bn_sqrx8x_internal carry bug on x86_64

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely...

CVSS 6.5 | AI score 6.8 | EPSS 0.08287
Exploits: 0 | References: 5
Tenable Nessus
added 2017/12/14 12:0 a.m. | views: 44

openSUSE Security Update : openssl (openSUSE-2017-1324)

This update for openssl fixes the following issues: Security issues fixed: - CVE-2017-3735: openssl1,openssl: Malformed X.509 IPAdressFamily could cause OOB read bsc1056058 - CVE-2017-3736: openssl: bn_sqrx8x_internal carry bug on x86_64 bsc1066242 - Out of bounds read+crash in DES_fcrypt bsc106536...

CVSS 6.5 | AI score 6.6 | EPSS 0.3862
Exploits: 0 | References: 6
Tenable Nessus
added 2017/12/01 12:0 a.m. | views: 27

SUSE SLED12 / SLES12 Security Update : openssl (SUSE-SU-2017:3169-1)

This update for openssl fixes the following issues: Security issues fixed: - CVE-2017-3735: openssl1,openssl: Malformed X.509 IPAdressFamily could cause OOB read bsc1056058 - CVE-2017-3736: openssl: bn_sqrx8x_internal carry bug on x86_64 bsc1066242 - Out of bounds read+crash in DES_fcrypt bsc1065363...

CVSS 6.5 | AI score 6.6 | EPSS 0.3862
Exploits: 0 | References: 9
Tenable Nessus
added 2017/11/03 12:0 a.m. | views: 60

FreeBSD : OpenSSL -- Multiple vulnerabilities (f40f07aa-c00f-11e7-ac58-b499baebfeaf)

The OpenSSL project reports: bn_sqrx8x_internal carry bug on x86_64 (CVE-2017-3736). Severity: Moderate. There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be ver...

CVSS 6.5 | AI score 6.6 | EPSS 0.3862
Exploits: 0 | References: 4
OSV
added 2017/11/02 5:29 p.m. | views: 1

ALPINE-CVE-2017-3736

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL before 1.0.2m and 1.1.0 before 1.1.0g. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely...

CVSS 6.5 | AI score 8.6 | EPSS 0.08287
Exploits: 0 | References: 1
OpenSSL
added 2017/11/02 12:0 a.m. | views: 78

Vulnerability in OpenSSL - bn_sqrx8x_internal carry bug on x86_64

There is a carry propagating bug in the x86_64 Montgomery squaring procedure. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed likely. Attacks against DH are considered just feasible...

AI score 6.7 | EPSS 0.08287
Exploits: 0 | Affected Software: 1
OSV
added 2017/06/22 12:29 p.m. | views: 6

OPENSUSE-SU-2017:1649-1 Security update for go

This update for go fixes the following issues: - CVE-2017-8932: Add patch to fix carry bug in x86-64 P-256 implementation boo1040618 Please note that go applications will need to be rebuilt to get this fix, as all go applications are statically linked. As we are regularly releasing updates to our...

CVSS 5.9 | AI score 7.4 | EPSS 0.01477
Exploits: 0 | References: 2
OSV
added 2017/05/04 7:29 p.m. | views: 1

ALPINE-CVE-2017-3732

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed...

CVSS 5.9 | AI score 8.5 | EPSS 0.05182
Exploits: 1 | References: 1
OSV
added 2017/05/04 7:29 p.m. | views: 1

DEBIAN-CVE-2017-3732

There is a carry propagating bug in the x86_64 Montgomery squaring procedure in OpenSSL 1.0.2 before 1.0.2k and 1.1.0 before 1.1.0d. No EC algorithms are affected. Analysis suggests that attacks against RSA and DSA as a result of this defect would be very difficult to perform and are not believed...

CVSS 5.9 | AI score 7.3 | EPSS 0.05182
Exploits: 1 | References: 1