10 matches found
EUVD-2015-8674
Malware in sbrugna...
gnutls: Use-of-uninitialized-value in ecc_256_modq
Project: https://gitlab.com/gnutls/gnutls.git Detailed report: https://oss-fuzz.com/testcase?key=6126560014761984 Project: gnutls Fuzzer: libFuzzergnutlsclientfuzzer Fuzz target binary: gnutlsclientfuzzer Job Type: libfuzzermsangnutls Platform Id: linux Crash Type: Use-of-uninitialized-value Cras...
The vulnerability of Nettle’s cryptographic library allows attackers to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the ecc256modp function in the Nettle cryptographic library is related to errors in cryptographic transformations. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of the protected information...
Nettle has an unspecified vulnerability
Nettle is a library of basic cryptographic functions. A security vulnerability exists in the 'ecc256modp' function in the ecc-256.c file in versions prior to Nettle 3.2, which stems from a failure of the program to properly handle rounding transfers when implementing P-256 NIST elliptic curves. A...
CVE-2015-8805
The ecc256modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...
Design/Logic Flaw
The ecc256modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...
CVE-2015-8803
CVE-2015-8803 affects the nettle library: the ecc_256_modp implementation for P-256 may propagate carries incorrectly in nettle before version 3.2, producing incorrect output and potentially allowing unspecified impact. Multiple Nessus reports and advisories (MiracleLinux AXSA-2016-1108, EulerOS ...
CVE-2015-8805
Summary. The CVE-2015-8805 issue affects the nettle cryptographic library prior to version 3.2. The vulnerability is in the elliptic-curve implementation for P-256: the ecc_256_modq function in ecc-256.c does not properly handle carry propagation, producing incorrect output. This is documented al...
CVE-2015-8805
The ecc256modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...
CVE-2015-8803
The ecc256modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...