3 matches found
CVE-2022-23004
When computing a shared secret or point multiplication on the NIST P-256 curve using a public key with an X coordinate of zero, an error is returned from the library, and an invalid unreduced value is written to the output buffer. This may be leveraged by an attacker to cause an error scenario,...
CVE-2022-23004 Algorithm incorrectly returning error and Invalid unreduced value written to output buffer
When computing a shared secret or point multiplication on the NIST P-256 curve using a public key with an X coordinate of zero, an error is returned from the library, and an invalid unreduced value is written to the output buffer. This may be leveraged by an attacker to cause an error scenario,...
CVE-2022-23004
CVE-2022-23004 affects the Western Digital Sweet B library (ECC on NIST P-256). When performing a shared secret calculation or point multiplication with a public key whose X coordinate is zero, the library returns an error and writes an invalid unreduced value to the output buffer, potentially al...