data/reports/GO-2021-0319.yaml - vulndb - Git at Google

 modules:
   - module: std
     versions:
       - fixed: 1.16.14
       - introduced: 1.17.0
         fixed: 1.17.7
     vulnerable_at: 1.17.6
     packages:
       - package: crypto/elliptic
         symbols:
           - CurveParams.IsOnCurve
           - p384PointFromAffine
           - p521PointFromAffine
         skip_fix: 'TODO: revisit this reason (fix appears to not work with Go <1.18)'
 description: |
     Some big.Int values that are not valid field elements (negative or overflowing)
     might cause Curve.IsOnCurve to incorrectly return true. Operating on those values
     may cause a panic or an invalid curve operation. Note that Unmarshal will never
     return such values.
 published: 2022-05-23T22:15:21Z
 cves:
   - CVE-2022-23806
 credit: Guido Vranken
 references:
   - fix: https://go.dev/cl/382455
   - fix: https://go.googlesource.com/go/+/7f9494c277a471f6f47f4af3036285c0b1419816
   - web: https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ
   - report: https://go.dev/issue/50974
	modules:
	- module: std
	versions:
	- fixed: 1.16.14
	- introduced: 1.17.0
	fixed: 1.17.7
	vulnerable_at: 1.17.6
	packages:
	- package: crypto/elliptic
	symbols:
	- CurveParams.IsOnCurve
	- p384PointFromAffine
	- p521PointFromAffine
	skip_fix: 'TODO: revisit this reason (fix appears to not work with Go <1.18)'
	description: \|
	Some big.Int values that are not valid field elements (negative or overflowing)
	might cause Curve.IsOnCurve to incorrectly return true. Operating on those values
	may cause a panic or an invalid curve operation. Note that Unmarshal will never
	return such values.
	published: 2022-05-23T22:15:21Z
	cves:
	- CVE-2022-23806
	credit: Guido Vranken
	references:
	- fix: https://go.dev/cl/382455
	- fix: https://go.googlesource.com/go/+/7f9494c277a471f6f47f4af3036285c0b1419816
	- web: https://groups.google.com/g/golang-announce/c/SUsQn0aSgPQ
	- report: https://go.dev/issue/50974