ID CVE-2015-8803
Summary The ecc_256_modp function in ecc-256.c in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-256 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors, a different vulnerability than CVE-2015-8805.
References
Vulnerable Configurations
  • cpe:2.3:a:nettle_project:nettle:-:*:*:*:*:*:*:*
    cpe:2.3:a:nettle_project:nettle:-:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.0:*:*:*:*:*:*:*
    cpe:2.3:a:nettle_project:nettle:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.1:*:*:*:*:*:*:*
    cpe:2.3:a:nettle_project:nettle:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.2:*:*:*:*:*:*:*
    cpe:2.3:a:nettle_project:nettle:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.3:*:*:*:*:*:*:*
    cpe:2.3:a:nettle_project:nettle:2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.4:*:*:*:*:*:*:*
    cpe:2.3:a:nettle_project:nettle:2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.5:*:*:*:*:*:*:*
    cpe:2.3:a:nettle_project:nettle:2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.6:*:*:*:*:*:*:*
    cpe:2.3:a:nettle_project:nettle:2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.7:*:*:*:*:*:*:*
    cpe:2.3:a:nettle_project:nettle:2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:nettle_project:nettle:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:3.1:*:*:*:*:*:*:*
    cpe:2.3:a:nettle_project:nettle:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:3.1.1:*:*:*:*:*:*:*
    cpe:2.3:a:nettle_project:nettle:3.1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
    cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 30-10-2018 - 16:27)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
rhsa
id RHSA-2016:2582
rpms
  • nettle-0:2.7.1-8.el7
  • nettle-debuginfo-0:2.7.1-8.el7
  • nettle-devel-0:2.7.1-8.el7
refmap via4
confirm https://git.lysator.liu.se/nettle/nettle/commit/c71d2c9d20eeebb985e3872e4550137209e3ce4d
fedora
  • FEDORA-2016-89968f88d2
  • FEDORA-2016-8ee88aee21
  • FEDORA-2016-aa00f0631d
misc https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html
mlist
  • [info-gnu] 20160128 ANNOUNCE: Nettle-3.2
  • [nettle-bugs] 20151212 secp256 calculation bug (already fixed)
  • [oss-security] 20160202 Miscomputations of elliptic curve scalar multiplications in Nettle
  • [oss-security] 20160202 Re: Miscomputations of elliptic curve scalar multiplications in Nettle
suse
  • openSUSE-SU-2016:0475
  • openSUSE-SU-2016:0477
  • openSUSE-SU-2016:0486
ubuntu USN-2897-1
Last major update 30-10-2018 - 16:27
Published 23-02-2016 - 19:59
Last modified 30-10-2018 - 16:27
Back to Top