logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2015-8803

Description

The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8805. #### Bugs * <https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=813679>


Affected Package


OS OS Version Package Name Package Version
ubuntu 14.04 nettle 2.7.1-1ubuntu0.1
ubuntu upstream nettle 3.2
ubuntu 15.10 nettle 3.1.1-4ubuntu0.1

Related