cvelistv5 - cve-2024-31497

CVE-2024-31497 (GCVE-0-2024-31497)

Vulnerability from cvelistv5

Published

2024-04-15 00:00

Modified

2025-03-27 14:54

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

Summary

In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim's private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.

References

URL

Tags

cve@mitre.org	http://www.openwall.com/lists/oss-security/2024/04/15/6	Mailing List, Third Party Advisory
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=2275183	Issue Tracking
cve@mitre.org	https://bugzilla.suse.com/show_bug.cgi?id=1222864	Issue Tracking
cve@mitre.org	https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty	Product
cve@mitre.org	https://filezilla-project.org/versions.php	Release Notes
cve@mitre.org	https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git	Mailing List, Patch
cve@mitre.org	https://github.com/advisories/GHSA-6p4c-r453-8743	Third Party Advisory
cve@mitre.org	https://github.com/daedalus/BreakingECDSAwithLLL	Third Party Advisory
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/	Mailing List, Third Party Advisory
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/	Mailing List, Third Party Advisory
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/	Mailing List, Third Party Advisory
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/	Mailing List, Third Party Advisory
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/	Mailing List, Third Party Advisory
cve@mitre.org	https://news.ycombinator.com/item?id=40044665	Issue Tracking
cve@mitre.org	https://security-tracker.debian.org/tracker/CVE-2024-31497	Third Party Advisory
cve@mitre.org	https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/	Press/Media Coverage
cve@mitre.org	https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward	Product
cve@mitre.org	https://tortoisegit.org	Third Party Advisory
cve@mitre.org	https://twitter.com/CCBalert/status/1780229237569470549	Press/Media Coverage
cve@mitre.org	https://twitter.com/lambdafu/status/1779969509522133272	Press/Media Coverage
cve@mitre.org	https://winscp.net/eng/news.php	Third Party Advisory
cve@mitre.org	https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/	Press/Media Coverage
cve@mitre.org	https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html	Release Notes, Vendor Advisory
cve@mitre.org	https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html	Vendor Advisory
cve@mitre.org	https://www.openwall.com/lists/oss-security/2024/04/15/6	Mailing List, Third Party Advisory
cve@mitre.org	https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/	Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2024/04/15/6	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=2275183	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.suse.com/show_bug.cgi?id=1222864	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty	Product
af854a3a-2127-422b-91ae-364da2661108	https://filezilla-project.org/versions.php	Release Notes
af854a3a-2127-422b-91ae-364da2661108	https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git	Mailing List, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/advisories/GHSA-6p4c-r453-8743	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/daedalus/BreakingECDSAwithLLL	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://news.ycombinator.com/item?id=40044665	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://security-tracker.debian.org/tracker/CVE-2024-31497	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/	Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward	Product
af854a3a-2127-422b-91ae-364da2661108	https://tortoisegit.org	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://twitter.com/CCBalert/status/1780229237569470549	Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	https://twitter.com/lambdafu/status/1779969509522133272	Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	https://winscp.net/eng/news.php	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/	Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.openwall.com/lists/oss-security/2024/04/15/6	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/	Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	https://www.vicarius.io/vsociety/posts/understanding-a-critical-vulnerability-in-putty-biased-ecdsa-nonce-generation-revealing-nist-p-521-private-keys-cve-2024-31497

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "affected": [
          {
            "cpes": [
              "cpe:2.3:a:putty:putty:-:*:*:*:*:*:*:*"
            ],
            "defaultStatus": "unknown",
            "product": "putty",
            "vendor": "putty",
            "versions": [
              {
                "lessThan": "0.81",
                "status": "affected",
                "version": "0.68",
                "versionType": "semver"
              }
            ]
          }
        ],
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "HIGH",
              "attackVector": "NETWORK",
              "availabilityImpact": "NONE",
              "baseScore": 5.9,
              "baseSeverity": "MEDIUM",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2024-31497",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-04-19T04:01:10.059065Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-338",
                "description": "CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-27T14:54:48.048Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      },
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-19T07:48:01.287Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://filezilla-project.org/versions.php"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://news.ycombinator.com/item?id=40044665"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://winscp.net/eng/news.php"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://tortoisegit.org"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/advisories/GHSA-6p4c-r453-8743"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://twitter.com/lambdafu/status/1779969509522133272"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27\u0026p=simon/putty.git"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/daedalus/BreakingECDSAwithLLL"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://twitter.com/CCBalert/status/1780229237569470549"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/"
          },
          {
            "name": "FEDORA-2024-8401d42de6",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/"
          },
          {
            "name": "FEDORA-2024-ff9a2fb31c",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/"
          },
          {
            "name": "FEDORA-2024-0489e7ba1e",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/"
          },
          {
            "name": "FEDORA-2024-08a4a5ead8",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/"
          },
          {
            "name": "FEDORA-2024-cba85cc558",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/"
          },
          {
            "name": "[oss-security] 20240415 CVE-2024-31497: Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces in PuTTY Client",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "http://www.openwall.com/lists/oss-security/2024/04/15/6"
          },
          {
            "name": "[debian-lts-announce] 20240620 [SECURITY] [DLA 3839-1] putty security update",
            "tags": [
              "mailing-list",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html"
          },
          {
            "url": "https://www.vicarius.io/vsociety/posts/understanding-a-critical-vulnerability-in-putty-biased-ecdsa-nonce-generation-revealing-nist-p-521-private-keys-cve-2024-31497"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user\u0027s NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim\u0027s private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim\u0027s private key) can derive the victim\u0027s private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-20T19:05:59.509Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
        },
        {
          "url": "https://filezilla-project.org/versions.php"
        },
        {
          "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html"
        },
        {
          "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6"
        },
        {
          "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward"
        },
        {
          "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty"
        },
        {
          "url": "https://news.ycombinator.com/item?id=40044665"
        },
        {
          "url": "https://winscp.net/eng/news.php"
        },
        {
          "url": "https://tortoisegit.org"
        },
        {
          "url": "https://github.com/advisories/GHSA-6p4c-r453-8743"
        },
        {
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183"
        },
        {
          "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864"
        },
        {
          "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497"
        },
        {
          "url": "https://twitter.com/lambdafu/status/1779969509522133272"
        },
        {
          "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27\u0026p=simon/putty.git"
        },
        {
          "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/"
        },
        {
          "url": "https://github.com/daedalus/BreakingECDSAwithLLL"
        },
        {
          "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/"
        },
        {
          "url": "https://twitter.com/CCBalert/status/1780229237569470549"
        },
        {
          "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/"
        },
        {
          "name": "FEDORA-2024-8401d42de6",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/"
        },
        {
          "name": "FEDORA-2024-ff9a2fb31c",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/"
        },
        {
          "name": "FEDORA-2024-0489e7ba1e",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/"
        },
        {
          "name": "FEDORA-2024-08a4a5ead8",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/"
        },
        {
          "name": "FEDORA-2024-cba85cc558",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/"
        },
        {
          "name": "[oss-security] 20240415 CVE-2024-31497: Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces in PuTTY Client",
          "tags": [
            "mailing-list"
          ],
          "url": "http://www.openwall.com/lists/oss-security/2024/04/15/6"
        },
        {
          "name": "[debian-lts-announce] 20240620 [SECURITY] [DLA 3839-1] putty security update",
          "tags": [
            "mailing-list"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2024-31497",
    "datePublished": "2024-04-15T00:00:00.000Z",
    "dateReserved": "2024-04-04T00:00:00.000Z",
    "dateUpdated": "2025-03-27T14:54:48.048Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2024-31497\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2024-04-15T20:15:11.077\",\"lastModified\":\"2025-03-27T15:15:51.690\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user\u0027s NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim\u0027s private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim\u0027s private key) can derive the victim\u0027s private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.\"},{\"lang\":\"es\",\"value\":\"En PuTTY 0.68 a 0.80 antes de 0.81, la generaci\u00f3n nonce ECDSA sesgada permite a un atacante recuperar la clave secreta NIST P-521 de un usuario mediante un ataque r\u00e1pido en aproximadamente 60 firmas. Esto es especialmente importante en un escenario en el que un adversario puede leer mensajes firmados por PuTTY o Pageant. El conjunto requerido de mensajes firmados puede ser legible p\u00fablicamente porque est\u00e1n almacenados en un servicio p\u00fablico Git que admite el uso de SSH para la firma de confirmaci\u00f3n, y Pageant realiz\u00f3 las firmas a trav\u00e9s de un mecanismo de reenv\u00edo de agentes. En otras palabras, es posible que un adversario ya tenga suficiente informaci\u00f3n de firma para comprometer la clave privada de una v\u00edctima, incluso si no se utilizan m\u00e1s versiones vulnerables de PuTTY. Despu\u00e9s de un compromiso clave, un adversario puede realizar ataques a la cadena de suministro del software mantenido en Git. Un segundo escenario independiente es que el adversario sea un operador de un servidor SSH en el que la v\u00edctima se autentica (para inicio de sesi\u00f3n remoto o copia de archivos), aunque la v\u00edctima no conf\u00ede plenamente en este servidor y la v\u00edctima utilice la misma clave privada. para conexiones SSH a otros servicios operados por otras entidades. Aqu\u00ed, el operador del servidor fraudulento (que de otro modo no tendr\u00eda forma de determinar la clave privada de la v\u00edctima) puede obtener la clave privada de la v\u00edctima y luego usarla para acceder no autorizado a esos otros servicios. Si los otros servicios incluyen servicios Git, nuevamente es posible realizar ataques a la cadena de suministro del software mantenido en Git. Esto tambi\u00e9n afecta, por ejemplo, a FileZilla anterior a 3.67.0, WinSCP anterior a 6.3.3, TortoiseGit anterior a 2.15.0.1 y TortoiseSVN hasta 1.14.6.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-338\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-338\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"0.68\",\"versionEndExcluding\":\"0.81\",\"matchCriteriaId\":\"E0D6294C-4365-4187-8053-35F3AAC5229F\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"3.67.0\",\"matchCriteriaId\":\"A0E9886A-527F-444B-AFB3-33CF777182CC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"6.3.3\",\"matchCriteriaId\":\"5DA80FE9-039E-4BF4-AC16-6E65FFAB22A2\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tortoisegit:tortoisegit:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"2.15.0.1\",\"matchCriteriaId\":\"A1C171EB-2081-44AC-9017-B3BA3A88B10A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:tigris:tortoisesvn:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"1.14.6\",\"matchCriteriaId\":\"26F28A31-E86D-43C1-8043-2B8ECD723AF7\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CC559B26-5DFC-4B7A-A27C-B77DE755DFF9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA277A6C-83EC-4536-9125-97B84C4FAF59\"}]}]}],\"references\":[{\"url\":\"http://www.openwall.com/lists/oss-security/2024/04/15/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2275183\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1222864\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://filezilla-project.org/versions.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27\u0026p=simon/putty.git\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://github.com/advisories/GHSA-6p4c-r453-8743\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/daedalus/BreakingECDSAwithLLL\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=40044665\",\"source\":\"cve@mitre.org\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2024-31497\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward\",\"source\":\"cve@mitre.org\",\"tags\":[\"Product\"]},{\"url\":\"https://tortoisegit.org\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://twitter.com/CCBalert/status/1780229237569470549\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://twitter.com/lambdafu/status/1779969509522133272\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://winscp.net/eng/news.php\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2024/04/15/6\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"http://www.openwall.com/lists/oss-security/2024/04/15/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=2275183\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://bugzilla.suse.com/show_bug.cgi?id=1222864\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://filezilla-project.org/versions.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\"]},{\"url\":\"https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27\u0026p=simon/putty.git\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\"]},{\"url\":\"https://github.com/advisories/GHSA-6p4c-r453-8743\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://github.com/daedalus/BreakingECDSAwithLLL\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://news.ycombinator.com/item?id=40044665\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\"]},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2024-31497\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Product\"]},{\"url\":\"https://tortoisegit.org\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://twitter.com/CCBalert/status/1780229237569470549\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://twitter.com/lambdafu/status/1779969509522133272\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://winscp.net/eng/news.php\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Release Notes\",\"Vendor Advisory\"]},{\"url\":\"https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.openwall.com/lists/oss-security/2024/04/15/6\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Press/Media Coverage\"]},{\"url\":\"https://www.vicarius.io/vsociety/posts/understanding-a-critical-vulnerability-in-putty-biased-ecdsa-nonce-generation-revealing-nist-p-521-private-keys-cve-2024-31497\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://filezilla-project.org/versions.php\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.openwall.com/lists/oss-security/2024/04/15/6\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://news.ycombinator.com/item?id=40044665\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://winscp.net/eng/news.php\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://tortoisegit.org\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/advisories/GHSA-6p4c-r453-8743\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2275183\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1222864\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2024-31497\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://twitter.com/lambdafu/status/1779969509522133272\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27\u0026p=simon/putty.git\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://github.com/daedalus/BreakingECDSAwithLLL\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://twitter.com/CCBalert/status/1780229237569470549\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/\", \"name\": \"FEDORA-2024-8401d42de6\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/\", \"name\": \"FEDORA-2024-ff9a2fb31c\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/\", \"name\": \"FEDORA-2024-0489e7ba1e\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/\", \"name\": \"FEDORA-2024-08a4a5ead8\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/\", \"name\": \"FEDORA-2024-cba85cc558\", \"tags\": [\"vendor-advisory\", \"x_transferred\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/15/6\", \"name\": \"[oss-security] 20240415 CVE-2024-31497: Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces in PuTTY Client\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html\", \"name\": \"[debian-lts-announce] 20240620 [SECURITY] [DLA 3839-1] putty security update\", \"tags\": [\"mailing-list\", \"x_transferred\"]}, {\"url\": \"https://www.vicarius.io/vsociety/posts/understanding-a-critical-vulnerability-in-putty-biased-ecdsa-nonce-generation-revealing-nist-p-521-private-keys-cve-2024-31497\"}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-19T07:48:01.287Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.9, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"NONE\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-31497\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-04-19T04:01:10.059065Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:putty:putty:-:*:*:*:*:*:*:*\"], \"vendor\": \"putty\", \"product\": \"putty\", \"versions\": [{\"status\": \"affected\", \"version\": \"0.68\", \"lessThan\": \"0.81\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unknown\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-338\", \"description\": \"CWE-338 Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-04-24T14:01:19.912Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"references\": [{\"url\": \"https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html\"}, {\"url\": \"https://filezilla-project.org/versions.php\"}, {\"url\": \"https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html\"}, {\"url\": \"https://www.openwall.com/lists/oss-security/2024/04/15/6\"}, {\"url\": \"https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward\"}, {\"url\": \"https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty\"}, {\"url\": \"https://news.ycombinator.com/item?id=40044665\"}, {\"url\": \"https://winscp.net/eng/news.php\"}, {\"url\": \"https://tortoisegit.org\"}, {\"url\": \"https://github.com/advisories/GHSA-6p4c-r453-8743\"}, {\"url\": \"https://bugzilla.redhat.com/show_bug.cgi?id=2275183\"}, {\"url\": \"https://bugzilla.suse.com/show_bug.cgi?id=1222864\"}, {\"url\": \"https://security-tracker.debian.org/tracker/CVE-2024-31497\"}, {\"url\": \"https://twitter.com/lambdafu/status/1779969509522133272\"}, {\"url\": \"https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27\u0026p=simon/putty.git\"}, {\"url\": \"https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/\"}, {\"url\": \"https://github.com/daedalus/BreakingECDSAwithLLL\"}, {\"url\": \"https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/\"}, {\"url\": \"https://twitter.com/CCBalert/status/1780229237569470549\"}, {\"url\": \"https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/\"}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/\", \"name\": \"FEDORA-2024-8401d42de6\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/\", \"name\": \"FEDORA-2024-ff9a2fb31c\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/\", \"name\": \"FEDORA-2024-0489e7ba1e\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/\", \"name\": \"FEDORA-2024-08a4a5ead8\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/\", \"name\": \"FEDORA-2024-cba85cc558\", \"tags\": [\"vendor-advisory\"]}, {\"url\": \"http://www.openwall.com/lists/oss-security/2024/04/15/6\", \"name\": \"[oss-security] 20240415 CVE-2024-31497: Secret Key Recovery of NIST P-521 Private Keys Through Biased ECDSA Nonces in PuTTY Client\", \"tags\": [\"mailing-list\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html\", \"name\": \"[debian-lts-announce] 20240620 [SECURITY] [DLA 3839-1] putty security update\", \"tags\": [\"mailing-list\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user\u0027s NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim\u0027s private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim\u0027s private key) can derive the victim\u0027s private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\", \"dateUpdated\": \"2024-06-20T19:05:59.509Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2024-31497\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-03-27T14:54:48.048Z\", \"dateReserved\": \"2024-04-04T00:00:00.000Z\", \"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"datePublished\": \"2024-04-15T00:00:00.000Z\", \"assignerShortName\": \"mitre\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

wid-sec-w-2024-0866

Vulnerability from csaf_certbund

Published

2024-04-15 22:00

Modified

2024-07-04 22:00

Summary

PuTTY: Schwachstelle ermöglicht Erlangen des privaten Schlüssels

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung

PuTTY ist ein freier, Open Source Terminal Emulator der als Client für SSH, Telnet, rlogin und die Serielle Konsole dient. FileZilla ist eine Software zur Dateiübertragung. WinSCP dient dem sicheren Dateitransfer auf Basis von SSH. TortoiseGit ist eine grafische Benutzeroberfläche für die Versionsverwaltungssoftware Git.

Angriff

Ein entfernter, anonymer Angreifer kann eine Schwachstelle in PuTTY und Anwendungen, die PuTTY nutzen, wie z.B. FileZilla, WinSCP und TortoiseGit ausnutzen, um bei 521-bit ECDSA den privaten Schlüssel des Nutzers zu erlangen.

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "PuTTY ist ein freier, Open Source Terminal Emulator der als Client f\u00fcr SSH, Telnet, rlogin und die Serielle Konsole dient.\r\nFileZilla ist eine Software zur Datei\u00fcbertragung.\r\nWinSCP dient dem sicheren Dateitransfer auf Basis von SSH.\r\nTortoiseGit ist eine grafische Benutzeroberfl\u00e4che f\u00fcr die Versionsverwaltungssoftware Git.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in PuTTY und Anwendungen, die PuTTY nutzen, wie z.B. FileZilla, WinSCP und TortoiseGit ausnutzen, um bei 521-bit ECDSA den privaten Schl\u00fcssel des Nutzers zu erlangen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0866 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0866.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0866 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0866"
      },
      {
        "category": "external",
        "summary": "PuTTY vulnerability vuln-p521-bias vom 2024-04-15",
        "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-8401D42DE6 vom 2024-04-16",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-8401d42de6"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-0489E7BA1E vom 2024-04-16",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-0489e7ba1e"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-FF9A2FB31C vom 2024-04-16",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-ff9a2fb31c"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-D85C1F7450 vom 2024-04-17",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-d85c1f7450"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-EPEL-2024-79F96E9D05 vom 2024-04-17",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-79f96e9d05"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-08A4A5EAD8 vom 2024-04-17",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-08a4a5ead8"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-CBA85CC558 vom 2024-04-17",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-cba85cc558"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-EPEL-2024-99CF4E74B7 vom 2024-04-17",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-99cf4e74b7"
      },
      {
        "category": "external",
        "summary": "Citrix Security Advisory CTX633416 vom 2024-05-08",
        "url": "https://support.citrix.com/article/CTX633416"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3839 vom 2024-06-20",
        "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202407-11 vom 2024-07-05",
        "url": "https://security.gentoo.org/glsa/202407-11"
      }
    ],
    "source_lang": "en-US",
    "title": "PuTTY: Schwachstelle erm\u00f6glicht Erlangen des privaten Schl\u00fcssels",
    "tracking": {
      "current_release_date": "2024-07-04T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:07:39.067+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0866",
      "initial_release_date": "2024-04-15T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-04-15T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-04-16T22:00:00.000+00:00",
          "number": "2",
          "summary": "Update WinSCP verf\u00fcgbar"
        },
        {
          "date": "2024-04-17T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2024-05-09T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Citrix aufgenommen"
        },
        {
          "date": "2024-06-20T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-07-04T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Gentoo aufgenommen"
        }
      ],
      "status": "final",
      "version": "6"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Citrix Systems Hypervisor",
            "product": {
              "name": "Citrix Systems Hypervisor",
              "product_id": "T016872",
              "product_identification_helper": {
                "cpe": "cpe:/o:citrix:hypervisor:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Citrix Systems XenServer",
            "product": {
              "name": "Citrix Systems XenServer",
              "product_id": "T004077",
              "product_identification_helper": {
                "cpe": "cpe:/a:citrix:xenserver:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Citrix Systems"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Gentoo Linux",
            "product": {
              "name": "Gentoo Linux",
              "product_id": "T012167",
              "product_identification_helper": {
                "cpe": "cpe:/o:gentoo:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Gentoo"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c3.67.0",
                "product": {
                  "name": "Open Source FileZilla \u003c3.67.0",
                  "product_id": "T034122"
                }
              }
            ],
            "category": "product_name",
            "name": "FileZilla"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=0.68",
                "product": {
                  "name": "Open Source PuTTY \u003e=0.68",
                  "product_id": "T009529"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c0.81",
                "product": {
                  "name": "Open Source PuTTY \u003c0.81",
                  "product_id": "T034121"
                }
              }
            ],
            "category": "product_name",
            "name": "PuTTY"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2.15.0.1",
                "product": {
                  "name": "Open Source TortoiseGit \u003c2.15.0.1",
                  "product_id": "T034124"
                }
              }
            ],
            "category": "product_name",
            "name": "TortoiseGit"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c6.3.3",
                "product": {
                  "name": "Open Source WinSCP \u003c6.3.3",
                  "product_id": "T034123"
                }
              }
            ],
            "category": "product_name",
            "name": "WinSCP"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-31497",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in PuTTY und Anwendungen, die PuTTY nutzen, wie z.B. FileZilla, WinSCP und TortoiseGit. Bei der Berechnung von 521-bit ECDSA Signaturen (z.B. ecdsa-sha2-nistp521) wird ein schwacher NONCE verwendet. Ein Angreifer kann bei Kenntnis ausreichend vieler mit einem Schl\u00fcssel angefertigten Signaturen den verwendeten privaten Schl\u00fcssel rekonstruieren. Derartige Signaturen k\u00f6nnen z.B. \u00f6ffentliche Commit-Signaturen in Git-Systemen sein. Die Entwickler weisen darauf hin, dass ECDSA Verfahren mit anderen Schl\u00fcssell\u00e4ngen und insbesondere \"Ed25519\" nicht betroffen sind. Nutzern wird empfohlen, betroffene Schl\u00fcssel nicht mehr zu verwenden und insbesondere die SSH Berechtigung f\u00fcr diese Schl\u00fcssel zu entziehen (aus der \"authorized_keys\" Datei entfernen)."
        }
      ],
      "product_status": {
        "known_affected": [
          "T004077",
          "2951",
          "T012167",
          "T016872",
          "74185"
        ]
      },
      "release_date": "2024-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-31497"
    }
  ]
}

bsi-2024-0001

Vulnerability from csaf_certbund

Published

2024-04-15 19:00

Modified

2024-04-15 19:00

Summary

Secret Key Recovery of NIST P-521 Private Keys through biased ECDSA nonces in PuTTY client

Notes

Legal disclaimer

As a content provider, BSI is responsible under general law for its own content distributed for use. However, it remains your responsibility to carefully check usage and/or implementation of information provided with the content.

Summary

The PuTTY client and all related components generate heavily biased ECDSA nonces in the case of NIST P-521. This allows for full secret key recovery in roughly 60 signatures by using state-of-the-art techniques. These signatures can either be harvested by a malicious server (machine-in-the-middle attacks are not possible given that clients do not transmit their signature in the clear) or from any other source, e.g. signed git commits through forwarded agents.

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Fabian B\u00e4umer",
          "Marcus Brinkmann"
        ],
        "organization": "Ruhr University Bochum",
        "summary": "finding and reporting the vulnerability"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "As a content provider, BSI is responsible under general law for its own content distributed for use. However, it remains your responsibility to carefully check usage and/or implementation of information provided with the content.",
        "title": "Legal disclaimer"
      },
      {
        "category": "summary",
        "text": "The PuTTY client and all related components generate heavily biased ECDSA nonces in the case of NIST P-521. This allows for full secret key recovery in roughly 60 signatures by using state-of-the-art techniques. These signatures can either be harvested by a malicious server (machine-in-the-middle attacks are not possible given that clients do not transmit their signature in the clear) or from any other source, e.g. signed git commits through forwarded agents.",
        "title": "Summary"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "BSI-2024-0001 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/bsi-2024-0001.json"
      }
    ],
    "title": "Secret Key Recovery of NIST P-521 Private Keys through biased ECDSA nonces in PuTTY client",
    "tracking": {
      "current_release_date": "2024-04-15T19:00:00.000Z",
      "generator": {
        "date": "2024-04-15T06:53:52.394Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.2"
        }
      },
      "id": "BSI-2024-0001",
      "initial_release_date": "2024-04-15T19:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-04-15T19:00:00.000Z",
          "number": "1",
          "summary": "Initial version."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=0.68|\u003c=0.80",
                "product": {
                  "name": "PuTTY client 0.68 - 0.80",
                  "product_id": "CSAFPID-0001"
                }
              },
              {
                "category": "product_version",
                "name": "0.81",
                "product": {
                  "name": "PuTTY client 0.81",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "PuTTY"
          }
        ],
        "category": "vendor",
        "name": "PuTTY"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=3.24.1|\u003c=3.66.5",
                "product": {
                  "name": "FileZilla Client 3.24.1 - 3.66.5",
                  "product_id": "CSAFPID-0003"
                }
              },
              {
                "category": "product_version",
                "name": "3.67.0",
                "product": {
                  "name": "FileZilla Client 3.67.0",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "FileZilla Client"
          }
        ],
        "category": "vendor",
        "name": "FileZilla"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=5.9.5|\u003c=6.3.2",
                "product": {
                  "name": "WinSCP 5.9.5 - 6.3.2",
                  "product_id": "CSAFPID-0005"
                }
              },
              {
                "category": "product_version",
                "name": "6.3.3",
                "product": {
                  "name": "WinSCP 6.3.3",
                  "product_id": "CSAFPID-0010"
                }
              }
            ],
            "category": "product_name",
            "name": "WinSCP"
          }
        ],
        "category": "vendor",
        "name": "WinSCP"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=2.4.0.2|\u003c=2.15.0.0",
                "product": {
                  "name": "TortoiseGit 2.4.0.2 - 2.15.0.0",
                  "product_id": "CSAFPID-0006"
                }
              },
              {
                "category": "product_version",
                "name": "2.15.0.1",
                "product": {
                  "name": "TortoiseGit 2.15.0.1",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "TortoiseGit"
          }
        ],
        "category": "vendor",
        "name": "TortoiseGit"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=1.10.0|\u003c=1.14.6",
                "product": {
                  "name": "TortoiseSVN 1.10.0 - 1.14.6",
                  "product_id": "CSAFPID-0008"
                }
              },
              {
                "category": "product_version",
                "name": "1.14.7",
                "product": {
                  "name": "TortoiseSVN 1.14.7",
                  "product_id": "CSAFPID-0009"
                }
              }
            ],
            "category": "product_name",
            "name": "TortoiseSVN"
          }
        ],
        "category": "vendor",
        "name": "TortoiseSVN"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-31497",
      "cwe": {
        "id": "CWE-334",
        "name": "Small Space of Random Values"
      },
      "notes": [
        {
          "category": "description",
          "text": "The PuTTY client and all related components generate heavily biased ECDSA nonces in the case of NIST P-521. This allows for full secret key recovery in roughly 60 signatures by using state-of-the-art techniques. These signatures can either be harvested by a malicious server (machine-in-the-middle attacks are not possible given that clients do not transmit their signature in the clear) or from any other source, e.g. signed git commits through forwarded agents.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0002",
          "CSAFPID-0004",
          "CSAFPID-0010",
          "CSAFPID-0007",
          "CSAFPID-0009"
        ],
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0003",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0008"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE Record",
          "url": "https://cveawg.mitre.org/api/cve/CVE-2024-31497"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-15T19:00:00.000Z",
          "details": "Update to the latest version of the product. At least version 0.61.\nAdditionally, any key material using NIST P-521 must be revoke/discard and new keys have to be generated.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html"
        },
        {
          "category": "vendor_fix",
          "date": "2024-04-15T19:00:00.000Z",
          "details": "Update to the latest version of the product. At least version 3.67.0.",
          "product_ids": [
            "CSAFPID-0003"
          ],
          "url": "https://filezilla-project.org/download.php?type=client"
        },
        {
          "category": "vendor_fix",
          "date": "2024-04-15T19:00:00.000Z",
          "details": "Update to the latest version of the product. At least version 6.3.3.",
          "product_ids": [
            "CSAFPID-0005"
          ],
          "url": "https://winscp.net/eng/download.php"
        },
        {
          "category": "vendor_fix",
          "date": "2024-04-15T19:00:00.000Z",
          "details": "Update to the latest version of the product. At least version 2.15.0.1.",
          "product_ids": [
            "CSAFPID-0006"
          ],
          "url": "https://tortoisegit.org/download/"
        },
        {
          "category": "workaround",
          "date": "2024-04-15T19:00:00.000Z",
          "details": "As long as there is no official patch available: Configure TortoiseSVN to use PuTTY\u0027s latest plink.exe instead of the included exe. ",
          "product_ids": [
            "CSAFPID-0008"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 10,
            "environmentalSeverity": "CRITICAL",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "temporalScore": 10,
            "temporalSeverity": "CRITICAL",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        },
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.3,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "temporalScore": 8.2,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0003",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0008"
          ]
        }
      ],
      "title": "Secret Key Recovery of NIST P-521 Private Keys through biased ECDSA nonces in PuTTY client"
    }
  ]
}

BSI-2024-0001

Vulnerability from csaf_certbund

Published

2024-04-15 19:00

Modified

2024-04-15 19:00

Summary

Secret Key Recovery of NIST P-521 Private Keys through biased ECDSA nonces in PuTTY client

Notes

Legal disclaimer

Summary

JSON

To clipboard

{
  "document": {
    "acknowledgments": [
      {
        "names": [
          "Fabian B\u00e4umer",
          "Marcus Brinkmann"
        ],
        "organization": "Ruhr University Bochum",
        "summary": "finding and reporting the vulnerability"
      }
    ],
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en-US",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "As a content provider, BSI is responsible under general law for its own content distributed for use. However, it remains your responsibility to carefully check usage and/or implementation of information provided with the content.",
        "title": "Legal disclaimer"
      },
      {
        "category": "summary",
        "text": "The PuTTY client and all related components generate heavily biased ECDSA nonces in the case of NIST P-521. This allows for full secret key recovery in roughly 60 signatures by using state-of-the-art techniques. These signatures can either be harvested by a malicious server (machine-in-the-middle attacks are not possible given that clients do not transmit their signature in the clear) or from any other source, e.g. signed git commits through forwarded agents.",
        "title": "Summary"
      }
    ],
    "publisher": {
      "category": "coordinator",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "BSI-2024-0001 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/bsi-2024-0001.json"
      }
    ],
    "title": "Secret Key Recovery of NIST P-521 Private Keys through biased ECDSA nonces in PuTTY client",
    "tracking": {
      "current_release_date": "2024-04-15T19:00:00.000Z",
      "generator": {
        "date": "2024-04-15T06:53:52.394Z",
        "engine": {
          "name": "Secvisogram",
          "version": "2.5.2"
        }
      },
      "id": "BSI-2024-0001",
      "initial_release_date": "2024-04-15T19:00:00.000Z",
      "revision_history": [
        {
          "date": "2024-04-15T19:00:00.000Z",
          "number": "1",
          "summary": "Initial version."
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=0.68|\u003c=0.80",
                "product": {
                  "name": "PuTTY client 0.68 - 0.80",
                  "product_id": "CSAFPID-0001"
                }
              },
              {
                "category": "product_version",
                "name": "0.81",
                "product": {
                  "name": "PuTTY client 0.81",
                  "product_id": "CSAFPID-0002"
                }
              }
            ],
            "category": "product_name",
            "name": "PuTTY"
          }
        ],
        "category": "vendor",
        "name": "PuTTY"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=3.24.1|\u003c=3.66.5",
                "product": {
                  "name": "FileZilla Client 3.24.1 - 3.66.5",
                  "product_id": "CSAFPID-0003"
                }
              },
              {
                "category": "product_version",
                "name": "3.67.0",
                "product": {
                  "name": "FileZilla Client 3.67.0",
                  "product_id": "CSAFPID-0004"
                }
              }
            ],
            "category": "product_name",
            "name": "FileZilla Client"
          }
        ],
        "category": "vendor",
        "name": "FileZilla"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=5.9.5|\u003c=6.3.2",
                "product": {
                  "name": "WinSCP 5.9.5 - 6.3.2",
                  "product_id": "CSAFPID-0005"
                }
              },
              {
                "category": "product_version",
                "name": "6.3.3",
                "product": {
                  "name": "WinSCP 6.3.3",
                  "product_id": "CSAFPID-0010"
                }
              }
            ],
            "category": "product_name",
            "name": "WinSCP"
          }
        ],
        "category": "vendor",
        "name": "WinSCP"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=2.4.0.2|\u003c=2.15.0.0",
                "product": {
                  "name": "TortoiseGit 2.4.0.2 - 2.15.0.0",
                  "product_id": "CSAFPID-0006"
                }
              },
              {
                "category": "product_version",
                "name": "2.15.0.1",
                "product": {
                  "name": "TortoiseGit 2.15.0.1",
                  "product_id": "CSAFPID-0007"
                }
              }
            ],
            "category": "product_name",
            "name": "TortoiseGit"
          }
        ],
        "category": "vendor",
        "name": "TortoiseGit"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=1.10.0|\u003c=1.14.6",
                "product": {
                  "name": "TortoiseSVN 1.10.0 - 1.14.6",
                  "product_id": "CSAFPID-0008"
                }
              },
              {
                "category": "product_version",
                "name": "1.14.7",
                "product": {
                  "name": "TortoiseSVN 1.14.7",
                  "product_id": "CSAFPID-0009"
                }
              }
            ],
            "category": "product_name",
            "name": "TortoiseSVN"
          }
        ],
        "category": "vendor",
        "name": "TortoiseSVN"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-31497",
      "cwe": {
        "id": "CWE-334",
        "name": "Small Space of Random Values"
      },
      "notes": [
        {
          "category": "description",
          "text": "The PuTTY client and all related components generate heavily biased ECDSA nonces in the case of NIST P-521. This allows for full secret key recovery in roughly 60 signatures by using state-of-the-art techniques. These signatures can either be harvested by a malicious server (machine-in-the-middle attacks are not possible given that clients do not transmit their signature in the clear) or from any other source, e.g. signed git commits through forwarded agents.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "fixed": [
          "CSAFPID-0002",
          "CSAFPID-0004",
          "CSAFPID-0010",
          "CSAFPID-0007",
          "CSAFPID-0009"
        ],
        "known_affected": [
          "CSAFPID-0001",
          "CSAFPID-0003",
          "CSAFPID-0005",
          "CSAFPID-0006",
          "CSAFPID-0008"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE Record",
          "url": "https://cveawg.mitre.org/api/cve/CVE-2024-31497"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2024-04-15T19:00:00.000Z",
          "details": "Update to the latest version of the product. At least version 0.61.\nAdditionally, any key material using NIST P-521 must be revoke/discard and new keys have to be generated.",
          "product_ids": [
            "CSAFPID-0001"
          ],
          "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html"
        },
        {
          "category": "vendor_fix",
          "date": "2024-04-15T19:00:00.000Z",
          "details": "Update to the latest version of the product. At least version 3.67.0.",
          "product_ids": [
            "CSAFPID-0003"
          ],
          "url": "https://filezilla-project.org/download.php?type=client"
        },
        {
          "category": "vendor_fix",
          "date": "2024-04-15T19:00:00.000Z",
          "details": "Update to the latest version of the product. At least version 6.3.3.",
          "product_ids": [
            "CSAFPID-0005"
          ],
          "url": "https://winscp.net/eng/download.php"
        },
        {
          "category": "vendor_fix",
          "date": "2024-04-15T19:00:00.000Z",
          "details": "Update to the latest version of the product. At least version 2.15.0.1.",
          "product_ids": [
            "CSAFPID-0006"
          ],
          "url": "https://tortoisegit.org/download/"
        },
        {
          "category": "workaround",
          "date": "2024-04-15T19:00:00.000Z",
          "details": "As long as there is no official patch available: Configure TortoiseSVN to use PuTTY\u0027s latest plink.exe instead of the included exe. ",
          "product_ids": [
            "CSAFPID-0008"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 10,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 10,
            "environmentalSeverity": "CRITICAL",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "temporalScore": 10,
            "temporalSeverity": "CRITICAL",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0001"
          ]
        },
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "HIGH",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "environmentalScore": 8.3,
            "environmentalSeverity": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "HIGH",
            "scope": "CHANGED",
            "temporalScore": 8.2,
            "temporalSeverity": "HIGH",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "CSAFPID-0003",
            "CSAFPID-0005",
            "CSAFPID-0006",
            "CSAFPID-0008"
          ]
        }
      ],
      "title": "Secret Key Recovery of NIST P-521 Private Keys through biased ECDSA nonces in PuTTY client"
    }
  ]
}

WID-SEC-W-2024-0866

Vulnerability from csaf_certbund

Published

2024-04-15 22:00

Modified

2024-07-04 22:00

Summary

PuTTY: Schwachstelle ermöglicht Erlangen des privaten Schlüssels

Notes

Produktbeschreibung

Angriff

Betroffene Betriebssysteme

- Windows

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "PuTTY ist ein freier, Open Source Terminal Emulator der als Client f\u00fcr SSH, Telnet, rlogin und die Serielle Konsole dient.\r\nFileZilla ist eine Software zur Datei\u00fcbertragung.\r\nWinSCP dient dem sicheren Dateitransfer auf Basis von SSH.\r\nTortoiseGit ist eine grafische Benutzeroberfl\u00e4che f\u00fcr die Versionsverwaltungssoftware Git.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in PuTTY und Anwendungen, die PuTTY nutzen, wie z.B. FileZilla, WinSCP und TortoiseGit ausnutzen, um bei 521-bit ECDSA den privaten Schl\u00fcssel des Nutzers zu erlangen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Windows",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2024-0866 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0866.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2024-0866 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0866"
      },
      {
        "category": "external",
        "summary": "PuTTY vulnerability vuln-p521-bias vom 2024-04-15",
        "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-8401D42DE6 vom 2024-04-16",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-8401d42de6"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-0489E7BA1E vom 2024-04-16",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-0489e7ba1e"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-FF9A2FB31C vom 2024-04-16",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-ff9a2fb31c"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-D85C1F7450 vom 2024-04-17",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-d85c1f7450"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-EPEL-2024-79F96E9D05 vom 2024-04-17",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-79f96e9d05"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-08A4A5EAD8 vom 2024-04-17",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-08a4a5ead8"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-2024-CBA85CC558 vom 2024-04-17",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-2024-cba85cc558"
      },
      {
        "category": "external",
        "summary": "Fedora Security Advisory FEDORA-EPEL-2024-99CF4E74B7 vom 2024-04-17",
        "url": "https://bodhi.fedoraproject.org/updates/FEDORA-EPEL-2024-99cf4e74b7"
      },
      {
        "category": "external",
        "summary": "Citrix Security Advisory CTX633416 vom 2024-05-08",
        "url": "https://support.citrix.com/article/CTX633416"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-3839 vom 2024-06-20",
        "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html"
      },
      {
        "category": "external",
        "summary": "Gentoo Linux Security Advisory GLSA-202407-11 vom 2024-07-05",
        "url": "https://security.gentoo.org/glsa/202407-11"
      }
    ],
    "source_lang": "en-US",
    "title": "PuTTY: Schwachstelle erm\u00f6glicht Erlangen des privaten Schl\u00fcssels",
    "tracking": {
      "current_release_date": "2024-07-04T22:00:00.000+00:00",
      "generator": {
        "date": "2024-08-15T18:07:39.067+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.3.5"
        }
      },
      "id": "WID-SEC-W-2024-0866",
      "initial_release_date": "2024-04-15T22:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2024-04-15T22:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2024-04-16T22:00:00.000+00:00",
          "number": "2",
          "summary": "Update WinSCP verf\u00fcgbar"
        },
        {
          "date": "2024-04-17T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Fedora aufgenommen"
        },
        {
          "date": "2024-05-09T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates von Citrix aufgenommen"
        },
        {
          "date": "2024-06-20T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von Debian aufgenommen"
        },
        {
          "date": "2024-07-04T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von Gentoo aufgenommen"
        }
      ],
      "status": "final",
      "version": "6"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Citrix Systems Hypervisor",
            "product": {
              "name": "Citrix Systems Hypervisor",
              "product_id": "T016872",
              "product_identification_helper": {
                "cpe": "cpe:/o:citrix:hypervisor:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "Citrix Systems XenServer",
            "product": {
              "name": "Citrix Systems XenServer",
              "product_id": "T004077",
              "product_identification_helper": {
                "cpe": "cpe:/a:citrix:xenserver:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Citrix Systems"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Fedora Linux",
            "product": {
              "name": "Fedora Linux",
              "product_id": "74185",
              "product_identification_helper": {
                "cpe": "cpe:/o:fedoraproject:fedora:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Fedora"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Gentoo Linux",
            "product": {
              "name": "Gentoo Linux",
              "product_id": "T012167",
              "product_identification_helper": {
                "cpe": "cpe:/o:gentoo:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Gentoo"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c3.67.0",
                "product": {
                  "name": "Open Source FileZilla \u003c3.67.0",
                  "product_id": "T034122"
                }
              }
            ],
            "category": "product_name",
            "name": "FileZilla"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003e=0.68",
                "product": {
                  "name": "Open Source PuTTY \u003e=0.68",
                  "product_id": "T009529"
                }
              },
              {
                "category": "product_version_range",
                "name": "\u003c0.81",
                "product": {
                  "name": "Open Source PuTTY \u003c0.81",
                  "product_id": "T034121"
                }
              }
            ],
            "category": "product_name",
            "name": "PuTTY"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c2.15.0.1",
                "product": {
                  "name": "Open Source TortoiseGit \u003c2.15.0.1",
                  "product_id": "T034124"
                }
              }
            ],
            "category": "product_name",
            "name": "TortoiseGit"
          },
          {
            "branches": [
              {
                "category": "product_version_range",
                "name": "\u003c6.3.3",
                "product": {
                  "name": "Open Source WinSCP \u003c6.3.3",
                  "product_id": "T034123"
                }
              }
            ],
            "category": "product_name",
            "name": "WinSCP"
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-31497",
      "notes": [
        {
          "category": "description",
          "text": "Es existiert eine Schwachstelle in PuTTY und Anwendungen, die PuTTY nutzen, wie z.B. FileZilla, WinSCP und TortoiseGit. Bei der Berechnung von 521-bit ECDSA Signaturen (z.B. ecdsa-sha2-nistp521) wird ein schwacher NONCE verwendet. Ein Angreifer kann bei Kenntnis ausreichend vieler mit einem Schl\u00fcssel angefertigten Signaturen den verwendeten privaten Schl\u00fcssel rekonstruieren. Derartige Signaturen k\u00f6nnen z.B. \u00f6ffentliche Commit-Signaturen in Git-Systemen sein. Die Entwickler weisen darauf hin, dass ECDSA Verfahren mit anderen Schl\u00fcssell\u00e4ngen und insbesondere \"Ed25519\" nicht betroffen sind. Nutzern wird empfohlen, betroffene Schl\u00fcssel nicht mehr zu verwenden und insbesondere die SSH Berechtigung f\u00fcr diese Schl\u00fcssel zu entziehen (aus der \"authorized_keys\" Datei entfernen)."
        }
      ],
      "product_status": {
        "known_affected": [
          "T004077",
          "2951",
          "T012167",
          "T016872",
          "74185"
        ]
      },
      "release_date": "2024-04-15T22:00:00.000+00:00",
      "title": "CVE-2024-31497"
    }
  ]
}

opensuse-su-2024:0111-1

Vulnerability from csaf_opensuse

Published

2024-04-19 12:53

Modified

2024-04-19 12:53

Summary

Security update for putty

Notes

Title of the patch

Security update for putty

Description of the patch

This update for putty fixes the following issues: Update to release 0.81 * Fix CVE-2024-31497: NIST P521 / ecdsa-sha2-nistp521 signatures are no longer generated with biased values of k. The previous bias compromises private keys.

Patchnames

openSUSE-2024-111

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for putty",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for putty fixes the following issues:\n\nUpdate to release 0.81\n\n* Fix CVE-2024-31497: NIST P521 / ecdsa-sha2-nistp521 signatures are no longer\n  generated with biased values of k. The previous bias compromises private keys.\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-2024-111",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_0111-1.json"
      },
      {
        "category": "self",
        "summary": "URL for openSUSE-SU-2024:0111-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YWBLPFDJD74NA6KYAQIVS5LANZFUCGL2/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for openSUSE-SU-2024:0111-1",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YWBLPFDJD74NA6KYAQIVS5LANZFUCGL2/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-31497 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-31497/"
      }
    ],
    "title": "Security update for putty",
    "tracking": {
      "current_release_date": "2024-04-19T12:53:10Z",
      "generator": {
        "date": "2024-04-19T12:53:10Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:0111-1",
      "initial_release_date": "2024-04-19T12:53:10Z",
      "revision_history": [
        {
          "date": "2024-04-19T12:53:10Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "putty-0.81-bp155.2.6.1.aarch64",
                "product": {
                  "name": "putty-0.81-bp155.2.6.1.aarch64",
                  "product_id": "putty-0.81-bp155.2.6.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "putty-0.81-bp155.2.6.1.i586",
                "product": {
                  "name": "putty-0.81-bp155.2.6.1.i586",
                  "product_id": "putty-0.81-bp155.2.6.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "putty-0.81-bp155.2.6.1.ppc64le",
                "product": {
                  "name": "putty-0.81-bp155.2.6.1.ppc64le",
                  "product_id": "putty-0.81-bp155.2.6.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "putty-0.81-bp155.2.6.1.s390x",
                "product": {
                  "name": "putty-0.81-bp155.2.6.1.s390x",
                  "product_id": "putty-0.81-bp155.2.6.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "putty-0.81-bp155.2.6.1.x86_64",
                "product": {
                  "name": "putty-0.81-bp155.2.6.1.x86_64",
                  "product_id": "putty-0.81-bp155.2.6.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Package Hub 15 SP5",
                "product": {
                  "name": "SUSE Package Hub 15 SP5",
                  "product_id": "SUSE Package Hub 15 SP5"
                }
              },
              {
                "category": "product_name",
                "name": "openSUSE Leap 15.5",
                "product": {
                  "name": "openSUSE Leap 15.5",
                  "product_id": "openSUSE Leap 15.5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:leap:15.5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "putty-0.81-bp155.2.6.1.aarch64 as component of SUSE Package Hub 15 SP5",
          "product_id": "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.aarch64"
        },
        "product_reference": "putty-0.81-bp155.2.6.1.aarch64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "putty-0.81-bp155.2.6.1.i586 as component of SUSE Package Hub 15 SP5",
          "product_id": "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.i586"
        },
        "product_reference": "putty-0.81-bp155.2.6.1.i586",
        "relates_to_product_reference": "SUSE Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "putty-0.81-bp155.2.6.1.ppc64le as component of SUSE Package Hub 15 SP5",
          "product_id": "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.ppc64le"
        },
        "product_reference": "putty-0.81-bp155.2.6.1.ppc64le",
        "relates_to_product_reference": "SUSE Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "putty-0.81-bp155.2.6.1.s390x as component of SUSE Package Hub 15 SP5",
          "product_id": "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.s390x"
        },
        "product_reference": "putty-0.81-bp155.2.6.1.s390x",
        "relates_to_product_reference": "SUSE Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "putty-0.81-bp155.2.6.1.x86_64 as component of SUSE Package Hub 15 SP5",
          "product_id": "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.x86_64"
        },
        "product_reference": "putty-0.81-bp155.2.6.1.x86_64",
        "relates_to_product_reference": "SUSE Package Hub 15 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "putty-0.81-bp155.2.6.1.aarch64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.aarch64"
        },
        "product_reference": "putty-0.81-bp155.2.6.1.aarch64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "putty-0.81-bp155.2.6.1.i586 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.i586"
        },
        "product_reference": "putty-0.81-bp155.2.6.1.i586",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "putty-0.81-bp155.2.6.1.ppc64le as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.ppc64le"
        },
        "product_reference": "putty-0.81-bp155.2.6.1.ppc64le",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "putty-0.81-bp155.2.6.1.s390x as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.s390x"
        },
        "product_reference": "putty-0.81-bp155.2.6.1.s390x",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "putty-0.81-bp155.2.6.1.x86_64 as component of openSUSE Leap 15.5",
          "product_id": "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.x86_64"
        },
        "product_reference": "putty-0.81-bp155.2.6.1.x86_64",
        "relates_to_product_reference": "openSUSE Leap 15.5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-31497",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-31497"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user\u0027s NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim\u0027s private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim\u0027s private key) can derive the victim\u0027s private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.aarch64",
          "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.i586",
          "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.ppc64le",
          "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.s390x",
          "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.x86_64",
          "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.aarch64",
          "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.i586",
          "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.ppc64le",
          "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.s390x",
          "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-31497",
          "url": "https://www.suse.com/security/cve/CVE-2024-31497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222864 for CVE-2024-31497",
          "url": "https://bugzilla.suse.com/1222864"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.aarch64",
            "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.i586",
            "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.ppc64le",
            "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.s390x",
            "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.x86_64",
            "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.aarch64",
            "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.i586",
            "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.ppc64le",
            "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.s390x",
            "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.aarch64",
            "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.i586",
            "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.ppc64le",
            "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.s390x",
            "SUSE Package Hub 15 SP5:putty-0.81-bp155.2.6.1.x86_64",
            "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.aarch64",
            "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.i586",
            "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.ppc64le",
            "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.s390x",
            "openSUSE Leap 15.5:putty-0.81-bp155.2.6.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-04-19T12:53:10Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-31497"
    }
  ]
}

opensuse-su-2024:13870-1

Vulnerability from csaf_opensuse

Published

2024-06-15 00:00

Modified

2024-06-15 00:00

Summary

filezilla-3.67.0-1.1 on GA media

Notes

Title of the patch

filezilla-3.67.0-1.1 on GA media

Description of the patch

These are all security issues fixed in the filezilla-3.67.0-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-13870

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "filezilla-3.67.0-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the filezilla-3.67.0-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-13870",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13870-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-31497 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-31497/"
      }
    ],
    "title": "filezilla-3.67.0-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:13870-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "filezilla-3.67.0-1.1.aarch64",
                "product": {
                  "name": "filezilla-3.67.0-1.1.aarch64",
                  "product_id": "filezilla-3.67.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "filezilla-devel-3.67.0-1.1.aarch64",
                "product": {
                  "name": "filezilla-devel-3.67.0-1.1.aarch64",
                  "product_id": "filezilla-devel-3.67.0-1.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "filezilla-lang-3.67.0-1.1.aarch64",
                "product": {
                  "name": "filezilla-lang-3.67.0-1.1.aarch64",
                  "product_id": "filezilla-lang-3.67.0-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "filezilla-3.67.0-1.1.ppc64le",
                "product": {
                  "name": "filezilla-3.67.0-1.1.ppc64le",
                  "product_id": "filezilla-3.67.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "filezilla-devel-3.67.0-1.1.ppc64le",
                "product": {
                  "name": "filezilla-devel-3.67.0-1.1.ppc64le",
                  "product_id": "filezilla-devel-3.67.0-1.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "filezilla-lang-3.67.0-1.1.ppc64le",
                "product": {
                  "name": "filezilla-lang-3.67.0-1.1.ppc64le",
                  "product_id": "filezilla-lang-3.67.0-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "filezilla-3.67.0-1.1.s390x",
                "product": {
                  "name": "filezilla-3.67.0-1.1.s390x",
                  "product_id": "filezilla-3.67.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "filezilla-devel-3.67.0-1.1.s390x",
                "product": {
                  "name": "filezilla-devel-3.67.0-1.1.s390x",
                  "product_id": "filezilla-devel-3.67.0-1.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "filezilla-lang-3.67.0-1.1.s390x",
                "product": {
                  "name": "filezilla-lang-3.67.0-1.1.s390x",
                  "product_id": "filezilla-lang-3.67.0-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "filezilla-3.67.0-1.1.x86_64",
                "product": {
                  "name": "filezilla-3.67.0-1.1.x86_64",
                  "product_id": "filezilla-3.67.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "filezilla-devel-3.67.0-1.1.x86_64",
                "product": {
                  "name": "filezilla-devel-3.67.0-1.1.x86_64",
                  "product_id": "filezilla-devel-3.67.0-1.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "filezilla-lang-3.67.0-1.1.x86_64",
                "product": {
                  "name": "filezilla-lang-3.67.0-1.1.x86_64",
                  "product_id": "filezilla-lang-3.67.0-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "filezilla-3.67.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:filezilla-3.67.0-1.1.aarch64"
        },
        "product_reference": "filezilla-3.67.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "filezilla-3.67.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:filezilla-3.67.0-1.1.ppc64le"
        },
        "product_reference": "filezilla-3.67.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "filezilla-3.67.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:filezilla-3.67.0-1.1.s390x"
        },
        "product_reference": "filezilla-3.67.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "filezilla-3.67.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:filezilla-3.67.0-1.1.x86_64"
        },
        "product_reference": "filezilla-3.67.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "filezilla-devel-3.67.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.aarch64"
        },
        "product_reference": "filezilla-devel-3.67.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "filezilla-devel-3.67.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.ppc64le"
        },
        "product_reference": "filezilla-devel-3.67.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "filezilla-devel-3.67.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.s390x"
        },
        "product_reference": "filezilla-devel-3.67.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "filezilla-devel-3.67.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.x86_64"
        },
        "product_reference": "filezilla-devel-3.67.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "filezilla-lang-3.67.0-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.aarch64"
        },
        "product_reference": "filezilla-lang-3.67.0-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "filezilla-lang-3.67.0-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.ppc64le"
        },
        "product_reference": "filezilla-lang-3.67.0-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "filezilla-lang-3.67.0-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.s390x"
        },
        "product_reference": "filezilla-lang-3.67.0-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "filezilla-lang-3.67.0-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.x86_64"
        },
        "product_reference": "filezilla-lang-3.67.0-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-31497",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-31497"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user\u0027s NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim\u0027s private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim\u0027s private key) can derive the victim\u0027s private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:filezilla-3.67.0-1.1.aarch64",
          "openSUSE Tumbleweed:filezilla-3.67.0-1.1.ppc64le",
          "openSUSE Tumbleweed:filezilla-3.67.0-1.1.s390x",
          "openSUSE Tumbleweed:filezilla-3.67.0-1.1.x86_64",
          "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.aarch64",
          "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.ppc64le",
          "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.s390x",
          "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.x86_64",
          "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.aarch64",
          "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.ppc64le",
          "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.s390x",
          "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-31497",
          "url": "https://www.suse.com/security/cve/CVE-2024-31497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222864 for CVE-2024-31497",
          "url": "https://bugzilla.suse.com/1222864"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:filezilla-3.67.0-1.1.aarch64",
            "openSUSE Tumbleweed:filezilla-3.67.0-1.1.ppc64le",
            "openSUSE Tumbleweed:filezilla-3.67.0-1.1.s390x",
            "openSUSE Tumbleweed:filezilla-3.67.0-1.1.x86_64",
            "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.aarch64",
            "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.ppc64le",
            "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.s390x",
            "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.x86_64",
            "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.aarch64",
            "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.ppc64le",
            "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.s390x",
            "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:filezilla-3.67.0-1.1.aarch64",
            "openSUSE Tumbleweed:filezilla-3.67.0-1.1.ppc64le",
            "openSUSE Tumbleweed:filezilla-3.67.0-1.1.s390x",
            "openSUSE Tumbleweed:filezilla-3.67.0-1.1.x86_64",
            "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.aarch64",
            "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.ppc64le",
            "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.s390x",
            "openSUSE Tumbleweed:filezilla-devel-3.67.0-1.1.x86_64",
            "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.aarch64",
            "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.ppc64le",
            "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.s390x",
            "openSUSE Tumbleweed:filezilla-lang-3.67.0-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-31497"
    }
  ]
}

opensuse-su-2024:13868-1

Vulnerability from csaf_opensuse

Published

2024-06-15 00:00

Modified

2024-06-15 00:00

Summary

putty-0.81-1.1 on GA media

Notes

Title of the patch

putty-0.81-1.1 on GA media

Description of the patch

These are all security issues fixed in the putty-0.81-1.1 package on the GA media of openSUSE Tumbleweed.

Patchnames

openSUSE-Tumbleweed-2024-13868

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "putty-0.81-1.1 on GA media",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "These are all security issues fixed in the putty-0.81-1.1 package on the GA media of openSUSE Tumbleweed.",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "openSUSE-Tumbleweed-2024-13868",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13868-1.json"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2024-31497 page",
        "url": "https://www.suse.com/security/cve/CVE-2024-31497/"
      }
    ],
    "title": "putty-0.81-1.1 on GA media",
    "tracking": {
      "current_release_date": "2024-06-15T00:00:00Z",
      "generator": {
        "date": "2024-06-15T00:00:00Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "openSUSE-SU-2024:13868-1",
      "initial_release_date": "2024-06-15T00:00:00Z",
      "revision_history": [
        {
          "date": "2024-06-15T00:00:00Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "putty-0.81-1.1.aarch64",
                "product": {
                  "name": "putty-0.81-1.1.aarch64",
                  "product_id": "putty-0.81-1.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "putty-0.81-1.1.ppc64le",
                "product": {
                  "name": "putty-0.81-1.1.ppc64le",
                  "product_id": "putty-0.81-1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "putty-0.81-1.1.s390x",
                "product": {
                  "name": "putty-0.81-1.1.s390x",
                  "product_id": "putty-0.81-1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "putty-0.81-1.1.x86_64",
                "product": {
                  "name": "putty-0.81-1.1.x86_64",
                  "product_id": "putty-0.81-1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "openSUSE Tumbleweed",
                "product": {
                  "name": "openSUSE Tumbleweed",
                  "product_id": "openSUSE Tumbleweed",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:opensuse:tumbleweed"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "putty-0.81-1.1.aarch64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:putty-0.81-1.1.aarch64"
        },
        "product_reference": "putty-0.81-1.1.aarch64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "putty-0.81-1.1.ppc64le as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:putty-0.81-1.1.ppc64le"
        },
        "product_reference": "putty-0.81-1.1.ppc64le",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "putty-0.81-1.1.s390x as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:putty-0.81-1.1.s390x"
        },
        "product_reference": "putty-0.81-1.1.s390x",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "putty-0.81-1.1.x86_64 as component of openSUSE Tumbleweed",
          "product_id": "openSUSE Tumbleweed:putty-0.81-1.1.x86_64"
        },
        "product_reference": "putty-0.81-1.1.x86_64",
        "relates_to_product_reference": "openSUSE Tumbleweed"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2024-31497",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2024-31497"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user\u0027s NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim\u0027s private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim\u0027s private key) can derive the victim\u0027s private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "openSUSE Tumbleweed:putty-0.81-1.1.aarch64",
          "openSUSE Tumbleweed:putty-0.81-1.1.ppc64le",
          "openSUSE Tumbleweed:putty-0.81-1.1.s390x",
          "openSUSE Tumbleweed:putty-0.81-1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2024-31497",
          "url": "https://www.suse.com/security/cve/CVE-2024-31497"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1222864 for CVE-2024-31497",
          "url": "https://bugzilla.suse.com/1222864"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "openSUSE Tumbleweed:putty-0.81-1.1.aarch64",
            "openSUSE Tumbleweed:putty-0.81-1.1.ppc64le",
            "openSUSE Tumbleweed:putty-0.81-1.1.s390x",
            "openSUSE Tumbleweed:putty-0.81-1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.9,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "openSUSE Tumbleweed:putty-0.81-1.1.aarch64",
            "openSUSE Tumbleweed:putty-0.81-1.1.ppc64le",
            "openSUSE Tumbleweed:putty-0.81-1.1.s390x",
            "openSUSE Tumbleweed:putty-0.81-1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2024-06-15T00:00:00Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2024-31497"
    }
  ]
}

gsd-2024-31497

Vulnerability from gsd

Modified

2024-04-11 05:03

Details

Aliases

CVE-2024-31497

JSON

To clipboard

{
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2024-31497"
      ],
      "details": "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user\u0027s NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim\u0027s private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim\u0027s private key) can derive the victim\u0027s private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6.",
      "id": "GSD-2024-31497",
      "modified": "2024-04-11T05:03:20.811992Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "cve@mitre.org",
        "ID": "CVE-2024-31497",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user\u0027s NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim\u0027s private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim\u0027s private key) can derive the victim\u0027s private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html",
            "refsource": "MISC",
            "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
          },
          {
            "name": "https://filezilla-project.org/versions.php",
            "refsource": "MISC",
            "url": "https://filezilla-project.org/versions.php"
          },
          {
            "name": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html",
            "refsource": "CONFIRM",
            "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html"
          },
          {
            "name": "https://www.openwall.com/lists/oss-security/2024/04/15/6",
            "refsource": "MISC",
            "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6"
          },
          {
            "name": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward",
            "refsource": "MISC",
            "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward"
          },
          {
            "name": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty",
            "refsource": "MISC",
            "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty"
          },
          {
            "name": "https://news.ycombinator.com/item?id=40044665",
            "refsource": "MISC",
            "url": "https://news.ycombinator.com/item?id=40044665"
          },
          {
            "name": "https://winscp.net/eng/news.php",
            "refsource": "MISC",
            "url": "https://winscp.net/eng/news.php"
          },
          {
            "name": "https://tortoisegit.org",
            "refsource": "MISC",
            "url": "https://tortoisegit.org"
          },
          {
            "name": "https://github.com/advisories/GHSA-6p4c-r453-8743",
            "refsource": "MISC",
            "url": "https://github.com/advisories/GHSA-6p4c-r453-8743"
          },
          {
            "name": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183",
            "refsource": "MISC",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183"
          },
          {
            "name": "https://bugzilla.suse.com/show_bug.cgi?id=1222864",
            "refsource": "MISC",
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864"
          },
          {
            "name": "https://security-tracker.debian.org/tracker/CVE-2024-31497",
            "refsource": "MISC",
            "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497"
          },
          {
            "name": "https://twitter.com/lambdafu/status/1779969509522133272",
            "refsource": "MISC",
            "url": "https://twitter.com/lambdafu/status/1779969509522133272"
          },
          {
            "name": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27\u0026p=simon/putty.git",
            "refsource": "MISC",
            "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27\u0026p=simon/putty.git"
          },
          {
            "name": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/",
            "refsource": "MISC",
            "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/"
          },
          {
            "name": "https://github.com/daedalus/BreakingECDSAwithLLL",
            "refsource": "MISC",
            "url": "https://github.com/daedalus/BreakingECDSAwithLLL"
          },
          {
            "name": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/",
            "refsource": "MISC",
            "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/"
          },
          {
            "name": "https://twitter.com/CCBalert/status/1780229237569470549",
            "refsource": "MISC",
            "url": "https://twitter.com/CCBalert/status/1780229237569470549"
          },
          {
            "name": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/",
            "refsource": "MISC",
            "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/"
          },
          {
            "name": "FEDORA-2024-8401d42de6",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/"
          },
          {
            "name": "FEDORA-2024-ff9a2fb31c",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/"
          },
          {
            "name": "FEDORA-2024-0489e7ba1e",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/"
          },
          {
            "name": "FEDORA-2024-08a4a5ead8",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/"
          },
          {
            "name": "FEDORA-2024-cba85cc558",
            "refsource": "FEDORA",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "descriptions": [
          {
            "lang": "en",
            "value": "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user\u0027s NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim\u0027s private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim\u0027s private key) can derive the victim\u0027s private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6."
          },
          {
            "lang": "es",
            "value": "En PuTTY 0.68 a 0.80 antes de 0.81, la generaci\u00f3n nonce ECDSA sesgada permite a un atacante recuperar la clave secreta NIST P-521 de un usuario mediante un ataque r\u00e1pido en aproximadamente 60 firmas. Esto es especialmente importante en un escenario en el que un adversario puede leer mensajes firmados por PuTTY o Pageant. El conjunto requerido de mensajes firmados puede ser legible p\u00fablicamente porque est\u00e1n almacenados en un servicio p\u00fablico Git que admite el uso de SSH para la firma de confirmaci\u00f3n, y Pageant realiz\u00f3 las firmas a trav\u00e9s de un mecanismo de reenv\u00edo de agentes. En otras palabras, es posible que un adversario ya tenga suficiente informaci\u00f3n de firma para comprometer la clave privada de una v\u00edctima, incluso si no se utilizan m\u00e1s versiones vulnerables de PuTTY. Despu\u00e9s de un compromiso clave, un adversario puede realizar ataques a la cadena de suministro del software mantenido en Git. Un segundo escenario independiente es que el adversario sea un operador de un servidor SSH en el que la v\u00edctima se autentica (para inicio de sesi\u00f3n remoto o copia de archivos), aunque la v\u00edctima no conf\u00ede plenamente en este servidor y la v\u00edctima utilice la misma clave privada. para conexiones SSH a otros servicios operados por otras entidades. Aqu\u00ed, el operador del servidor fraudulento (que de otro modo no tendr\u00eda forma de determinar la clave privada de la v\u00edctima) puede obtener la clave privada de la v\u00edctima y luego usarla para acceder no autorizado a esos otros servicios. Si los otros servicios incluyen servicios Git, nuevamente es posible realizar ataques a la cadena de suministro del software mantenido en Git. Esto tambi\u00e9n afecta, por ejemplo, a FileZilla anterior a 3.67.0, WinSCP anterior a 6.3.3, TortoiseGit anterior a 2.15.0.1 y TortoiseSVN hasta 1.14.6."
          }
        ],
        "id": "CVE-2024-31497",
        "lastModified": "2024-04-26T02:15:06.197",
        "metrics": {},
        "published": "2024-04-15T20:15:11.077",
        "references": [
          {
            "source": "cve@mitre.org",
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://filezilla-project.org/versions.php"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27\u0026p=simon/putty.git"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://github.com/advisories/GHSA-6p4c-r453-8743"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://github.com/daedalus/BreakingECDSAwithLLL"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://news.ycombinator.com/item?id=40044665"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://tortoisegit.org"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://twitter.com/CCBalert/status/1780229237569470549"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://twitter.com/lambdafu/status/1779969509522133272"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://winscp.net/eng/news.php"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6"
          },
          {
            "source": "cve@mitre.org",
            "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/"
          }
        ],
        "sourceIdentifier": "cve@mitre.org",
        "vulnStatus": "Awaiting Analysis"
      }
    }
  }
}

ghsa-6p4c-r453-8743

Vulnerability from github

Published

2024-04-15 21:30

Modified

2024-04-17 00:30

Details

In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user's NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. One scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim's private key) can derive the victim's private key, and then use it for unauthorized access to those other services. Because SSH is sometimes used to authenticate to Git services, it is possible that this vulnerability could be leveraged for supply-chain attacks on software maintained in Git. It is also conceivable that signed messages from PuTTY or Pageant are readable by adversaries more easily in other scenarios, but none have yet been disclosed.

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2024-31497"
  ],
  "database_specific": {
    "cwe_ids": [],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2024-04-15T20:15:11Z",
    "severity": null
  },
  "details": "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user\u0027s NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. One scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim\u0027s private key) can derive the victim\u0027s private key, and then use it for unauthorized access to those other services. Because SSH is sometimes used to authenticate to Git services, it is possible that this vulnerability could be leveraged for supply-chain attacks on software maintained in Git. It is also conceivable that signed messages from PuTTY or Pageant are readable by adversaries more easily in other scenarios, but none have yet been disclosed.",
  "id": "GHSA-6p4c-r453-8743",
  "modified": "2024-04-17T00:30:53Z",
  "published": "2024-04-15T21:30:46Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-31497"
    },
    {
      "type": "WEB",
      "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08"
    },
    {
      "type": "WEB",
      "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6"
    },
    {
      "type": "WEB",
      "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html"
    },
    {
      "type": "WEB",
      "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
    },
    {
      "type": "WEB",
      "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys"
    },
    {
      "type": "WEB",
      "url": "https://winscp.net/eng/news.php"
    },
    {
      "type": "WEB",
      "url": "https://twitter.com/lambdafu/status/1779969509522133272"
    },
    {
      "type": "WEB",
      "url": "https://twitter.com/CCBalert/status/1780229237569470549"
    },
    {
      "type": "WEB",
      "url": "https://tortoisegit.org"
    },
    {
      "type": "WEB",
      "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward"
    },
    {
      "type": "WEB",
      "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required"
    },
    {
      "type": "WEB",
      "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497"
    },
    {
      "type": "WEB",
      "url": "https://news.ycombinator.com/item?id=40044665"
    },
    {
      "type": "WEB",
      "url": "https://github.com/daedalus/BreakingECDSAwithLLL"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-6p4c-r453-8743"
    },
    {
      "type": "WEB",
      "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27\u0026p=simon/putty.git"
    },
    {
      "type": "WEB",
      "url": "https://filezilla-project.org/versions.php"
    },
    {
      "type": "WEB",
      "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864"
    },
    {
      "type": "WEB",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183"
    }
  ],
  "schema_version": "1.4.0",
  "severity": []
}

fkie_cve-2024-31497

Vulnerability from fkie_nvd

Published

2024-04-15 20:15

Modified

2025-03-27 15:15

Severity ?

5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

Summary

References

URL	Tags
cve@mitre.org	http://www.openwall.com/lists/oss-security/2024/04/15/6	Mailing List, Third Party Advisory
cve@mitre.org	https://bugzilla.redhat.com/show_bug.cgi?id=2275183	Issue Tracking
cve@mitre.org	https://bugzilla.suse.com/show_bug.cgi?id=1222864	Issue Tracking
cve@mitre.org	https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty	Product
cve@mitre.org	https://filezilla-project.org/versions.php	Release Notes
cve@mitre.org	https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git	Mailing List, Patch
cve@mitre.org	https://github.com/advisories/GHSA-6p4c-r453-8743	Third Party Advisory
cve@mitre.org	https://github.com/daedalus/BreakingECDSAwithLLL	Third Party Advisory
cve@mitre.org	https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/	Mailing List, Third Party Advisory
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/	Mailing List, Third Party Advisory
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/	Mailing List, Third Party Advisory
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/	Mailing List, Third Party Advisory
cve@mitre.org	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/	Mailing List, Third Party Advisory
cve@mitre.org	https://news.ycombinator.com/item?id=40044665	Issue Tracking
cve@mitre.org	https://security-tracker.debian.org/tracker/CVE-2024-31497	Third Party Advisory
cve@mitre.org	https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/	Press/Media Coverage
cve@mitre.org	https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward	Product
cve@mitre.org	https://tortoisegit.org	Third Party Advisory
cve@mitre.org	https://twitter.com/CCBalert/status/1780229237569470549	Press/Media Coverage
cve@mitre.org	https://twitter.com/lambdafu/status/1779969509522133272	Press/Media Coverage
cve@mitre.org	https://winscp.net/eng/news.php	Third Party Advisory
cve@mitre.org	https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/	Press/Media Coverage
cve@mitre.org	https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html	Release Notes, Vendor Advisory
cve@mitre.org	https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html	Vendor Advisory
cve@mitre.org	https://www.openwall.com/lists/oss-security/2024/04/15/6	Mailing List, Third Party Advisory
cve@mitre.org	https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/	Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2024/04/15/6	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.redhat.com/show_bug.cgi?id=2275183	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://bugzilla.suse.com/show_bug.cgi?id=1222864	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty	Product
af854a3a-2127-422b-91ae-364da2661108	https://filezilla-project.org/versions.php	Release Notes
af854a3a-2127-422b-91ae-364da2661108	https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27&p=simon/putty.git	Mailing List, Patch
af854a3a-2127-422b-91ae-364da2661108	https://github.com/advisories/GHSA-6p4c-r453-8743	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://github.com/daedalus/BreakingECDSAwithLLL	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://news.ycombinator.com/item?id=40044665	Issue Tracking
af854a3a-2127-422b-91ae-364da2661108	https://security-tracker.debian.org/tracker/CVE-2024-31497	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/	Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward	Product
af854a3a-2127-422b-91ae-364da2661108	https://tortoisegit.org	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://twitter.com/CCBalert/status/1780229237569470549	Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	https://twitter.com/lambdafu/status/1779969509522133272	Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	https://winscp.net/eng/news.php	Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/	Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html	Release Notes, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html	Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.openwall.com/lists/oss-security/2024/04/15/6	Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108	https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/	Press/Media Coverage
af854a3a-2127-422b-91ae-364da2661108	https://www.vicarius.io/vsociety/posts/understanding-a-critical-vulnerability-in-putty-biased-ecdsa-nonce-generation-revealing-nist-p-521-private-keys-cve-2024-31497

Impacted products

Vendor	Product	Version
putty	putty	*
filezilla-project	filezilla_client	*
winscp	winscp	*
tortoisegit	tortoisegit	*
tigris	tortoisesvn	*
fedoraproject	fedora	38
fedoraproject	fedora	39
fedoraproject	fedora	40

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:putty:putty:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E0D6294C-4365-4187-8053-35F3AAC5229F",
              "versionEndExcluding": "0.81",
              "versionStartIncluding": "0.68",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:filezilla-project:filezilla_client:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A0E9886A-527F-444B-AFB3-33CF777182CC",
              "versionEndExcluding": "3.67.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:winscp:winscp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5DA80FE9-039E-4BF4-AC16-6E65FFAB22A2",
              "versionEndExcluding": "6.3.3",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:tortoisegit:tortoisegit:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A1C171EB-2081-44AC-9017-B3BA3A88B10A",
              "versionEndExcluding": "2.15.0.1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:tigris:tortoisesvn:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "26F28A31-E86D-43C1-8043-2B8ECD723AF7",
              "versionEndExcluding": "1.14.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:38:*:*:*:*:*:*:*",
              "matchCriteriaId": "CC559B26-5DFC-4B7A-A27C-B77DE755DFF9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:39:*:*:*:*:*:*:*",
              "matchCriteriaId": "B8EDB836-4E6A-4B71-B9B2-AA3E03E0F646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:fedoraproject:fedora:40:*:*:*:*:*:*:*",
              "matchCriteriaId": "CA277A6C-83EC-4536-9125-97B84C4FAF59",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "In PuTTY 0.68 through 0.80 before 0.81, biased ECDSA nonce generation allows an attacker to recover a user\u0027s NIST P-521 secret key via a quick attack in approximately 60 signatures. This is especially important in a scenario where an adversary is able to read messages signed by PuTTY or Pageant. The required set of signed messages may be publicly readable because they are stored in a public Git service that supports use of SSH for commit signing, and the signatures were made by Pageant through an agent-forwarding mechanism. In other words, an adversary may already have enough signature information to compromise a victim\u0027s private key, even if there is no further use of vulnerable PuTTY versions. After a key compromise, an adversary may be able to conduct supply-chain attacks on software maintained in Git. A second, independent scenario is that the adversary is an operator of an SSH server to which the victim authenticates (for remote login or file copy), even though this server is not fully trusted by the victim, and the victim uses the same private key for SSH connections to other services operated by other entities. Here, the rogue server operator (who would otherwise have no way to determine the victim\u0027s private key) can derive the victim\u0027s private key, and then use it for unauthorized access to those other services. If the other services include Git services, then again it may be possible to conduct supply-chain attacks on software maintained in Git. This also affects, for example, FileZilla before 3.67.0, WinSCP before 6.3.3, TortoiseGit before 2.15.0.1, and TortoiseSVN through 1.14.6."
    },
    {
      "lang": "es",
      "value": "En PuTTY 0.68 a 0.80 antes de 0.81, la generaci\u00f3n nonce ECDSA sesgada permite a un atacante recuperar la clave secreta NIST P-521 de un usuario mediante un ataque r\u00e1pido en aproximadamente 60 firmas. Esto es especialmente importante en un escenario en el que un adversario puede leer mensajes firmados por PuTTY o Pageant. El conjunto requerido de mensajes firmados puede ser legible p\u00fablicamente porque est\u00e1n almacenados en un servicio p\u00fablico Git que admite el uso de SSH para la firma de confirmaci\u00f3n, y Pageant realiz\u00f3 las firmas a trav\u00e9s de un mecanismo de reenv\u00edo de agentes. En otras palabras, es posible que un adversario ya tenga suficiente informaci\u00f3n de firma para comprometer la clave privada de una v\u00edctima, incluso si no se utilizan m\u00e1s versiones vulnerables de PuTTY. Despu\u00e9s de un compromiso clave, un adversario puede realizar ataques a la cadena de suministro del software mantenido en Git. Un segundo escenario independiente es que el adversario sea un operador de un servidor SSH en el que la v\u00edctima se autentica (para inicio de sesi\u00f3n remoto o copia de archivos), aunque la v\u00edctima no conf\u00ede plenamente en este servidor y la v\u00edctima utilice la misma clave privada. para conexiones SSH a otros servicios operados por otras entidades. Aqu\u00ed, el operador del servidor fraudulento (que de otro modo no tendr\u00eda forma de determinar la clave privada de la v\u00edctima) puede obtener la clave privada de la v\u00edctima y luego usarla para acceder no autorizado a esos otros servicios. Si los otros servicios incluyen servicios Git, nuevamente es posible realizar ataques a la cadena de suministro del software mantenido en Git. Esto tambi\u00e9n afecta, por ejemplo, a FileZilla anterior a 3.67.0, WinSCP anterior a 6.3.3, TortoiseGit anterior a 2.15.0.1 y TortoiseSVN hasta 1.14.6."
    }
  ],
  "id": "CVE-2024-31497",
  "lastModified": "2025-03-27T15:15:51.690",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.9,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.2,
        "impactScore": 3.6,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2024-04-15T20:15:11.077",
  "references": [
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2024/04/15/6"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product"
      ],
      "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes"
      ],
      "url": "https://filezilla-project.org/versions.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Patch"
      ],
      "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27\u0026p=simon/putty.git"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/advisories/GHSA-6p4c-r453-8743"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/daedalus/BreakingECDSAwithLLL"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://news.ycombinator.com/item?id=40044665"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Press/Media Coverage"
      ],
      "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Product"
      ],
      "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tortoisegit.org"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Press/Media Coverage"
      ],
      "url": "https://twitter.com/CCBalert/status/1780229237569470549"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Press/Media Coverage"
      ],
      "url": "https://twitter.com/lambdafu/status/1779969509522133272"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://winscp.net/eng/news.php"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Press/Media Coverage"
      ],
      "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Press/Media Coverage"
      ],
      "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "http://www.openwall.com/lists/oss-security/2024/04/15/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2275183"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://bugzilla.suse.com/show_bug.cgi?id=1222864"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product"
      ],
      "url": "https://docs.ccv.brown.edu/oscar/connecting-to-oscar/ssh/ssh-agent-forwarding/key-generation-and-agent-forwarding-with-putty"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes"
      ],
      "url": "https://filezilla-project.org/versions.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Patch"
      ],
      "url": "https://git.tartarus.org/?h=c193fe9848f50a88a4089aac647fecc31ae96d27\u0026p=simon/putty.git"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/advisories/GHSA-6p4c-r453-8743"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://github.com/daedalus/BreakingECDSAwithLLL"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2024/06/msg00014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/IZS3B37GNGWOOV7QU7B7JFK76U4TOP4V/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MMHILY2K7HQGQRHOC375KRRG2M6625RD/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PUOTQVGC4DISVHQGSPUYGXO6TLDK65LA/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WFDZBV7ZCAZ6AH3VCQ34SSY7L3J7VZXZ/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WMJH7M663BVO3SY6MFAW2FAZWLLXAPRQ/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking"
      ],
      "url": "https://news.ycombinator.com/item?id=40044665"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security-tracker.debian.org/tracker/CVE-2024-31497"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Press/Media Coverage"
      ],
      "url": "https://securityonline.info/cve-2024-31497-critical-putty-vulnerability-exposes-private-keys-immediate-action-required/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Product"
      ],
      "url": "https://tartarus.org/~simon/putty-snapshots/htmldoc/Chapter9.html#pageant-forward"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://tortoisegit.org"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Press/Media Coverage"
      ],
      "url": "https://twitter.com/CCBalert/status/1780229237569470549"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Press/Media Coverage"
      ],
      "url": "https://twitter.com/lambdafu/status/1779969509522133272"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://winscp.net/eng/news.php"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Press/Media Coverage"
      ],
      "url": "https://www.bleepingcomputer.com/news/security/putty-ssh-client-flaw-allows-recovery-of-cryptographic-private-keys/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Release Notes",
        "Vendor Advisory"
      ],
      "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/changes.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Third Party Advisory"
      ],
      "url": "https://www.openwall.com/lists/oss-security/2024/04/15/6"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Press/Media Coverage"
      ],
      "url": "https://www.reddit.com/r/sysadmin/comments/1c4wmoj/putty_vulnerability_affecting_v068_to_v08/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.vicarius.io/vsociety/posts/understanding-a-critical-vulnerability-in-putty-biased-ecdsa-nonce-generation-revealing-nist-p-521-private-keys-cve-2024-31497"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-338"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-338"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

CVE-2024-31497 (GCVE-0-2024-31497)

Vulnerability from cvelistv5

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_certbund

Vulnerability from csaf_opensuse

Vulnerability from csaf_opensuse

Vulnerability from csaf_opensuse

Vulnerability from gsd

Vulnerability from github

Vulnerability from fkie_nvd

Tags

Sightings

Nomenclature