blob: a91d5c7b76de9ab526758f922a8d56b543bd45e9 [file] [log] [blame]
id: GO-2022-0217
modules:
- module: std
versions:
- fixed: 1.10.8
- introduced: 1.11.0-0
- fixed: 1.11.5
vulnerable_at: 1.11.4
packages:
- package: crypto/elliptic
symbols:
- curve.doubleJacobian
skip_fix: 'TODO: revisit this reason (fix appears to not work with Go <1.18)'
summary: Denial of service affecting P-521 and P-384 curves in crypto/elliptic
description: |-
A DoS vulnerability in the crypto/elliptic implementations of the P-521 and
P-384 elliptic curves may let an attacker craft inputs that consume excessive
amounts of CPU.
These inputs might be delivered via TLS handshakes, X.509 certificates, JWT
tokens, ECDH shares or ECDSA signatures. In some cases, if an ECDH private key
is reused more than once, the attack can also lead to key recovery.
published: 2022-05-24T15:21:01Z
cves:
- CVE-2019-6486
credits:
- Wycheproof Project
references:
- fix: https://go.dev/cl/159218
- fix: https://go.googlesource.com/go/+/193c16a3648b8670a762e925b6ac6e074f468a20
- report: https://go.dev/issue/29903
- web: https://groups.google.com/g/golang-announce/c/mVeX35iXuSw
review_status: REVIEWED