- Home
- CVEs with nessus.description==There is a carry propagating bug in the Broadwell-specific Montgomery
multiplication procedure in OpenSSL 1.0.2 and 1.1.0 before 1.1.0c that
handles input lengths divisible by, but longer than 256 bits. Analysis
suggests that attacks against RSA, DSA and DH private keys are
impossible. This is because the subroutine in question is not used in
operations with the private key itself and an input of the attacker's
direct choice. Otherwise the bug can manifest itself as transient
authentication and key negotiation failures or reproducible erroneous
outcome of public-key operations with specially crafted input. Among
EC algorithms only Brainpool P-512 curves are affected and one
presumably can attack ECDH key negotiation.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top