Timing sidechannel for P-256 on ppc64le in crypto/internal/nistec

...

UBUNTU-CVE-2023-24532

The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh...

Mozilla: Web Crypto ImportKey crashes tab

The Mozilla Foundation Security Advisory describes this flaw as: When importing a SPKI RSA public key as ECDSA P-256, the key would be handled incorrectly causing the tab to crash...

golang: crypto/elliptic: panic caused by oversized scalar

An integer overflow flaw was found in Golang's crypto/elliptic library. This flaw allows an attacker to use a crafted scaler input longer than 32 bytes, causing P256.ScalarMult or P256.ScalarBaseMult to panic, leading to a loss of availability...

CVE-2020-13895

Crypt::Perl::ECDSA in the Crypt::Perl aka p5-Crypt-Perl module before 0.32 for Perl fails to verify correct ECDSA signatures when r and s are small and when s = 1. This happens when using the curve secp256r1 prime256v1. This could conceivably have a security-relevant impact if an attacker wishes ...

Design/Logic Flaw

Crypt::Perl::ECDSA in the Crypt::Perl aka p5-Crypt-Perl module before 0.32 for Perl fails to verify correct ECDSA signatures when r and s are small and when s = 1. This happens when using the curve secp256r1 prime256v1. This could conceivably have a security-relevant impact if an attacker wishes ...

CVE-2020-13895

Crypt::Perl::ECDSA in the Crypt::Perl aka p5-Crypt-Perl module before 0.32 for Perl fails to verify correct ECDSA signatures when r and s are small and when s = 1. This happens when using the curve secp256r1 prime256v1. This could conceivably have a security-relevant impact if an attacker wishes ...