3 matches found
CVE-2022-23002
When compressing or decompressing a point on the NIST P-256 elliptic curve with an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output will cause an error when used in other operations. This may be leveraged by an...
CVE-2022-23002 Point Compression/Decompression of NIST P-256 points with X coordinate of zero
When compressing or decompressing a point on the NIST P-256 elliptic curve with an X coordinate of zero, the resulting output is not properly reduced modulo the P-256 field prime and is invalid. The resulting output will cause an error when used in other operations. This may be leveraged by an...
CVE-2022-23002
CVE-2022-23002 affects the Western Digital Sweet B library (ECC over NIST P-256) during point compression/decompression when the X coordinate is zero. The output is not properly reduced modulo the P-256 field prime, producing an invalid value that triggers an error in subsequent operations. This ...