blob: 7a6a393aa70c7116e1305914a830310a57608121 [file] [log] [blame]
id: GO-2021-0235
modules:
- module: std
versions:
- fixed: 1.14.14
- introduced: 1.15.0-0
- fixed: 1.15.7
vulnerable_at: 1.15.6
packages:
- package: crypto/elliptic
symbols:
- p224Contract
skip_fix: 'TODO: revisit this reason (fix appears to not work with Go <1.18)'
summary: Incorrect operations on the P-224 curve in crypto/elliptic
description: |-
The P224() Curve implementation can in rare circumstances generate incorrect
outputs, including returning invalid points from ScalarMult.
published: 2022-02-17T17:34:14Z
cves:
- CVE-2021-3114
credits:
- The elliptic-curve-differential-fuzzer project running on OSS-Fuzz
- Philippe Antoine (Catena cyber)
references:
- fix: https://go.dev/cl/284779
- fix: https://go.googlesource.com/go/+/d95ca9138026cbe40e0857d76a81a16d03230871
- report: https://go.dev/issue/43786
- web: https://groups.google.com/g/golang-announce/c/mperVMGa98w
review_status: REVIEWED