ID CVE-2015-8804
Summary x86_64/ecc-384-modp.asm in Nettle before 3.2 does not properly handle carry propagation and produces incorrect output in its implementation of the P-384 NIST elliptic curve, which allows attackers to have unspecified impact via unknown vectors.
References
Vulnerable Configurations
  • cpe:2.3:a:nettle_project:nettle:-:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.1:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.2:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.3:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.4:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.5:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.6:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:2.7:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:3.1:*:*:*:*:*:*:*
  • cpe:2.3:a:nettle_project:nettle:3.1.1:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
CVSS
Base: 7.5 (as of 30-10-2018 - 16:27)
Impact:
Exploitability:
CWE CWE-310
CAPEC
  • Signature Spoofing by Key Recreation
    An attacker obtains an authoritative or reputable signer's private signature key by exploiting a cryptographic weakness in the signature algorithm or pseudorandom number generation and then uses this key to forge signatures from the original signer to mislead a victim into performing actions that benefit the attacker.
Access
  • Vector: NETWORK
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL
  • Availability: PARTIAL
cvss-vector via4 AV:N/AC:L/Au:N/C:P/I:P/A:P
redhat via4
advisories
rhsa
id RHSA-2016:2582
rpms
  • nettle-0:2.7.1-8.el7
  • nettle-debuginfo-0:2.7.1-8.el7
  • nettle-devel-0:2.7.1-8.el7
refmap via4
confirm https://git.lysator.liu.se/nettle/nettle/commit/fa269b6ad06dd13c901dbd84a12e52b918a09cd7
misc https://blog.fuzzing-project.org/38-Miscomputations-of-elliptic-curve-scalar-multiplications-in-Nettle.html
mlist
  • [info-gnu] 20160128 ANNOUNCE: Nettle-3.2
  • [nettle-bugs] 20151211 Miscalculations on secp384 curve
  • [oss-security] 20160202 Miscomputations of elliptic curve scalar multiplications in Nettle
  • [oss-security] 20160202 Re: Miscomputations of elliptic curve scalar multiplications in Nettle
suse
  • openSUSE-SU-2016:0475
  • openSUSE-SU-2016:0477
  • openSUSE-SU-2016:0486
ubuntu USN-2897-1
Last major update 30-10-2018 - 16:27
Published 23-02-2016 - 19:59
Last modified 30-10-2018 - 16:27