Bug 2223355 (CVE-2023-24532) - CVE-2023-24532 golang: crypto/internal/nistec: specific unreduced P-256 scalars produce incorrect results
Keywords:
Status: NEW
Alias: CVE-2023-24532
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Nobody
QA Contact:
URL:
Whiteboard:
Depends On: 2223364 2223365 2223366 2223368 2223369 2223371 2223372 2223373 2223374 2223375 2223376 2223367 2223370 2224011
Blocks: 2223394
Reported: 2023-07-17 13:16 UTC by Avinash Hanwate
Modified: 2023-08-14 01:03 UTC

Fixed In Version: Go 1.20.2 and Go 1.19.7
Doc Type: ---
Doc Text:
A flaw was found in the crypto/internal/nistec golang library. The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars, such as a scalar larger than the order of the curve. This does not impact usages of crypto/ecdsa or crypto/ecdh.
Clone Of:
Environment:
Last Closed:
Embargoed:


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2023:4627 0 None None None 2023-08-14 01:03:08 UTC

Description Avinash Hanwate 2023-07-17 13:16:33 UTC
The ScalarMult and ScalarBaseMult methods of the P256 Curve may return an incorrect result if called with some specific unreduced scalars (a scalar larger than the order of the curve). This does not impact usages of crypto/ecdsa or crypto/ecdh.

https://go.dev/cl/471255
https://pkg.go.dev/vuln/GO-2023-1621
https://groups.google.com/g/golang-announce/c/3-TpUx48iQY
https://go.dev/issue/58647
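
An added example (not part of the bug report and not Go project code) of a caller-side guard for the behaviour described above: reduce the scalar modulo the curve order before it reaches ScalarMult or ScalarBaseMult. It assumes the public crypto/elliptic P256 curve, which wraps crypto/internal/nistec, as the entry point; the helper names are hypothetical.

```go
package main

import (
	"crypto/elliptic"
	"fmt"
	"math/big"
)

// reduceP256Scalar returns k mod n as a fixed 32-byte big-endian scalar,
// where n is the order of the P-256 base point. Hypothetical helper name.
func reduceP256Scalar(k []byte) []byte {
	n := elliptic.P256().Params().N
	r := new(big.Int).Mod(new(big.Int).SetBytes(k), n)
	return r.FillBytes(make([]byte, 32))
}

// safeScalarBaseMult computes k*G after reducing k, so the curve code never
// sees a scalar at or above the group order.
func safeScalarBaseMult(k []byte) (x, y *big.Int) {
	return elliptic.P256().ScalarBaseMult(reduceP256Scalar(k))
}

// safeScalarMult computes k*(x, y) with the same reduction applied first.
func safeScalarMult(x, y *big.Int, k []byte) (*big.Int, *big.Int) {
	return elliptic.P256().ScalarMult(x, y, reduceP256Scalar(k))
}

// unreducedMatches reports whether this Go runtime returns the same point for
// the raw scalar k as for its reduced form.
func unreducedMatches(k []byte) bool {
	rx, ry := elliptic.P256().ScalarBaseMult(k)
	sx, sy := safeScalarBaseMult(k)
	return rx.Cmp(sx) == 0 && ry.Cmp(sy) == 0
}

func main() {
	n := elliptic.P256().Params().N
	// Constructed input: n + 5, an unreduced scalar that still fits in 32 bytes.
	k := new(big.Int).Add(n, big.NewInt(5)).FillBytes(make([]byte, 32))
	x, _ := safeScalarBaseMult(k)
	fmt.Printf("reduced scalar: %x\n", reduceP256Scalar(k))
	fmt.Printf("x of (k mod n)*G: %x\n", x)
	fmt.Println("raw call agrees with reduced call:", unreducedMatches(k))
}
```

Because only specific unreduced scalars trigger the flaw, a matching result from unreducedMatches for one input does not show that a runtime is patched; the Fixed In Version field is the reference for that.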

Comment 1 Avinash Hanwate 2023-07-17 13:53:13 UTC
Created golang tracking bugs for this issue:

Affects: epel-all [bug 2223364]
Affects: fedora-all [bug 2223365]

Comment 6 errata-xmlrpc 2023-08-14 01:03:05 UTC
This issue has been addressed in the following products:

  MTA-6.2-RHEL-9
  MTA-6.2-RHEL-8

Via RHSA-2023:4627 https://access.redhat.com/errata/RHSA-2023:4627

