8 matches found
CVE-2015-8803
The ecc256modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...
Design/Logic Flaw
The ecc256modq function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...
Design/Logic Flaw
The ecc256modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...
CVE-2015-8803
The ecc256modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...
CVE-2015-8803
CVE-2015-8803 affects the nettle library: the ecc_256_modp implementation for P-256 may propagate carries incorrectly in nettle before version 3.2, producing incorrect output and potentially allowing unspecified impact. Multiple Nessus reports and advisories (MiracleLinux AXSA-2016-1108, EulerOS ...
CVE-2015-8805
Summary. The CVE-2015-8805 issue affects the nettle cryptographic library prior to version 3.2. The vulnerability is in the elliptic-curve implementation for P-256: the ecc_256_modq function in ecc-256.c does not properly handle carry propagation, producing incorrect output. This is documented al...
MGASA-2016-0061 Updated nettle packages fix security vulnerabilities
Updated nettle2.7 and nettle packages fix security vulnerabilities: Two carry propagation bugs in elliptic curve scalar multiplications that affect the NIST P-256 curve. The bugs are in the C code and affect multiple architectures CVE-2015-8803, CVE-2015-8805. A carry propagation bug in elliptic...
CVE-2015-8803
The ecc256modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than...