Bug 2497528 - CVE-2026-14570 perl-Crypt-DSA: Crypt::DSA: Private key recovery due to biased random number generation [epel-all]
Summary: CVE-2026-14570 perl-Crypt-DSA: Crypt::DSA: Private key recovery due to biased...
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: perl-Crypt-DSA
Version: epel10
Hardware: Unspecified
OS: Unspecified
high
high
Target Milestone: ---
Assignee: Paul Howarth
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard: {"flaws": ["fa6c4716-7e81-4930-b2c0-9...
Depends On:
Blocks: CVE-2026-14570
TreeView+ depends on / blocked
 
Reported: 2026-07-06 21:56 UTC by Jon Weiser
Modified: 2026-07-12 00:49 UTC (History)
2 users (show)

Fixed In Version: perl-Crypt-DSA-1.22-1.el10_2 perl-Crypt-DSA-1.22-1.el10_3 perl-Crypt-DSA-1.17-31.el9 perl-Crypt-DSA-1.17-31.el8
Clone Of:
Environment:
Last Closed: 2026-07-12 00:26:45 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Jon Weiser 2026-07-06 21:56:50 UTC
Disclaimer: Community trackers are created by Red Hat Product Security team on a best effort basis. Package maintainers are required to ascertain if the flaw indeed affects their package, before starting the update process.

Crypt::DSA versions before 1.22 for Perl draw the DSA signing nonce and private key from a biased random generator, leading to private-key recovery.

"Crypt::DSA::Util::makerandom forces the high bit of every value it returns to obtain an exactly N-bit integer for prime search. The signing nonce and the private key are drawn from makerandom. Because the high bit is always set, the result is not uniform: its top bit is fixed, producing insecure values."

An attacker who collects a modest number of signatures under an affected key, together with the public key, can recover the private key with a lattice attack.

Keys used to sign with an affected version should be considered compromised and new keys should be generated.

Comment 1 Fedora Update System 2026-07-07 08:20:19 UTC
FEDORA-EPEL-2026-432fddaa41 (perl-Crypt-DSA-1.17-31.el9) has been submitted as an update to Fedora EPEL 9.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-432fddaa41

Comment 2 Fedora Update System 2026-07-07 08:20:56 UTC
FEDORA-EPEL-2026-b426ab1b56 (perl-Crypt-DSA-1.17-31.el8) has been submitted as an update to Fedora EPEL 8.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-b426ab1b56

Comment 3 Fedora Update System 2026-07-07 08:21:23 UTC
FEDORA-EPEL-2026-49e427dec0 (perl-Crypt-DSA-1.22-1.el10_3) has been submitted as an update to Fedora EPEL 10.3.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-49e427dec0

Comment 4 Fedora Update System 2026-07-07 08:21:49 UTC
FEDORA-EPEL-2026-121cfa24e8 (perl-Crypt-DSA-1.22-1.el10_2) has been submitted as an update to Fedora EPEL 10.2.
https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2026-121cfa24e8

Comment 5 Fedora Update System 2026-07-12 00:26:45 UTC
FEDORA-EPEL-2026-121cfa24e8 (perl-Crypt-DSA-1.22-1.el10_2) has been pushed to the Fedora EPEL 10.2 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 6 Fedora Update System 2026-07-12 00:26:54 UTC
FEDORA-EPEL-2026-49e427dec0 (perl-Crypt-DSA-1.22-1.el10_3) has been pushed to the Fedora EPEL 10.3 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 7 Fedora Update System 2026-07-12 00:41:06 UTC
FEDORA-EPEL-2026-432fddaa41 (perl-Crypt-DSA-1.17-31.el9) has been pushed to the Fedora EPEL 9 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 8 Fedora Update System 2026-07-12 00:49:43 UTC
FEDORA-EPEL-2026-b426ab1b56 (perl-Crypt-DSA-1.17-31.el8) has been pushed to the Fedora EPEL 8 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.